V8ScriptValueSerializer: Use PartitionAlloc for the buffer, and avoid copying it into a String.

third_party/WebKit/Source/bindings/core/v8/SerializedScriptValue.h

Index: third_party/WebKit/Source/bindings/core/v8/SerializedScriptValue.h
diff --git a/third_party/WebKit/Source/bindings/core/v8/SerializedScriptValue.h b/third_party/WebKit/Source/bindings/core/v8/SerializedScriptValue.h
index c5195878da23933cccdf4aef4282d0eb69b8c315..5f442f7f482ca440cf141a45a46894c4d30ceffc 100644
--- a/third_party/WebKit/Source/bindings/core/v8/SerializedScriptValue.h
+++ b/third_party/WebKit/Source/bindings/core/v8/SerializedScriptValue.h
@@ -36,6 +36,7 @@
 #include "core/CoreExport.h"
 #include "wtf/HashMap.h"
 #include "wtf/ThreadSafeRefCounted.h"
+#include "wtf/allocator/Partitions.h"
 #include "wtf/typed_arrays/ArrayBufferContents.h"
 #include <memory>
 #include <v8.h>
@@ -92,7 +93,7 @@ class CORE_EXPORT SerializedScriptValue
 
   static PassRefPtr<SerializedScriptValue> nullValue();
 
-  String toWireString() const { return m_data; }
+  String toWireString() const;
   void toWireBytes(Vector<char>&) const;
 
   // Deserializes the value (in the current context). Returns a null value in
@@ -129,7 +130,28 @@ class CORE_EXPORT SerializedScriptValue
   // The memory registration is revoked automatically in destructor.
   void registerMemoryAllocatedWithCurrentScriptContext();
 
-  String& data() { return m_data; }
+  // Provides access to the data and its attributes, regardless of whether the
+  // data was created as a string or as a vector.
+  // TODO(jbroman): Remove the 16-bit string representation, and simplify.
+  const uint8_t* data() {
+    if (!m_dataString.isNull()) {
+      DCHECK(!m_dataBuffer);
+      m_dataString.ensure16Bit();
+      return reinterpret_cast<const uint8_t*>(m_dataString.characters16());
+    }
+    return m_dataBuffer.get();
+  }
+  size_t dataLengthInBytes() const {
+    if (!m_dataString.isNull())
+      return m_dataString.length() * 2;
+    return m_dataBufferSize;
+  }
+  bool dataHasOneRef() const {
+    if (!m_dataString.isNull())
+      return m_dataString.impl()->hasOneRef();
+    return true;
+  }
+
   BlobDataHandleMap& blobDataHandles() { return m_blobDataHandles; }
   ArrayBufferContentsArray* getArrayBufferContentsArray() {
     return m_arrayBufferContentsArray.get();
@@ -142,12 +164,25 @@ class CORE_EXPORT SerializedScriptValue
   friend class ScriptValueSerializer;
   friend class V8ScriptValueSerializer;
 
-  enum StringDataMode { StringValue, WireData };
+  struct BufferDeleter {
+    void operator()(uint8_t* buffer) { WTF::Partitions::bufferFree(buffer); }
+  };
+  using DataBufferPtr = std::unique_ptr<uint8_t[], BufferDeleter>;
 
   SerializedScriptValue();
   explicit SerializedScriptValue(const String& wireData);
 
-  void setData(const String& data) { m_data = data; }
+  void setData(const String& data) {
+    m_dataString = data;
+    m_dataBuffer.reset();
+    m_dataBufferSize = 0;
+  }
+  void setData(DataBufferPtr data, size_t size) {
+    m_dataString = String();
+    m_dataBuffer = std::move(data);
+    m_dataBufferSize = size;
+  }
+
   void transferArrayBuffers(v8::Isolate*,
                             const ArrayBufferArray&,
                             ExceptionState&);
@@ -158,7 +193,17 @@ class CORE_EXPORT SerializedScriptValue
                                const OffscreenCanvasArray&,
                                ExceptionState&);
 
-  String m_data;
+  // Either:
+  // - |m_dataString| is non-null, and contains the data as a WTF::String which,
+  //   when made 16-bit, is the serialized data (padded to a two-byte boundary),
+  // or
+  // - |m_dataBuffer| is non-null, and |m_dataBufferSize| contains its size;
+  //   unlike |m_dataString|, that size is not guaranteed to be padded to a
+  //   two-byte boundary
+  String m_dataString;
+  DataBufferPtr m_dataBuffer;
+  size_t m_dataBufferSize = 0;
+
   std::unique_ptr<ArrayBufferContentsArray> m_arrayBufferContentsArray;
   std::unique_ptr<ImageBitmapContentsArray> m_imageBitmapContentsArray;
   BlobDataHandleMap m_blobDataHandles;