Instrument SSL sockets using MemoryDumpProvider

net/ssl/ssl_client_session_cache.cc

 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/ssl/ssl_client_session_cache.h"
 
 #include <utility>
 
 #include "base/memory/memory_coordinator_client_registry.h"
+#include "base/strings/stringprintf.h"
 #include "base/time/clock.h"
 #include "base/time/default_clock.h"
+#include "base/trace_event/process_memory_dump.h"
+#include "net/cert/x509_util_openssl.h"
 #include "third_party/boringssl/src/include/openssl/ssl.h"
+#include "third_party/boringssl/src/include/openssl/x509.h"
 
 namespace net {
 
 SSLClientSessionCache::SSLClientSessionCache(const Config& config)
     : clock_(new base::DefaultClock),
       config_(config),
       cache_(config.max_entries),
       lookups_since_flush_(0) {
   memory_pressure_listener_.reset(new base::MemoryPressureListener(base::Bind(
       &SSLClientSessionCache::OnMemoryPressure, base::Unretained(this))));
@@ skipping 52 matching lines @@
     std::unique_ptr<base::Clock> clock) {
   clock_ = std::move(clock);
 }
 
 bool SSLClientSessionCache::IsExpired(SSL_SESSION* session, time_t now) {
   return now < SSL_SESSION_get_time(session) ||
          now >=
              SSL_SESSION_get_time(session) + SSL_SESSION_get_timeout(session);
 }
 
+void SSLClientSessionCache::DumpMemoryStats(
+    base::trace_event::ProcessMemoryDump* pmd) {
+  std::string absolute_name = "net/ssl_session_cache";
+  base::trace_event::MemoryAllocatorDump* cache_dump =
+      pmd->GetAllocatorDump(absolute_name);
+  // This method can be reached from different URLRequestContexts. Since this is
+  // a singleton, only log memory stats once.
+  // TODO(xunjieli): Change this once crbug.com/458365 is fixed.
+  if (cache_dump)
+    return;
+  cache_dump = pmd->CreateAllocatorDump(absolute_name);
+  base::AutoLock lock(lock_);
+  for (const auto& pair : cache_) {
+    auto entry = pair.second.get();
+    auto cert_chain = entry->x509_chain;
+    size_t cert_count = sk_X509_num(cert_chain);
+    base::trace_event::MemoryAllocatorDump* entry_dump =
+        pmd->CreateAllocatorDump(
+            base::StringPrintf("%s/entry_%p", absolute_name.c_str(), entry));
+    int cert_size = 0;
+    for (size_t i = 0; i < cert_count; ++i) {
+      X509* cert = sk_X509_value(cert_chain, i);
+      cert_size += i2d_X509(cert, nullptr);
+    }
+    entry_dump->AddScalar("serialized_cert_size",

[davidben, 2016/12/07 19:42:58]

Probably worth replicating the comment here, so it's clear looking at this file
what's up.

[xunjieli, 2016/12/07 20:32:25]

Done.

+                          base::trace_event::MemoryAllocatorDump::kUnitsBytes,
+                          cert_size);
+    entry_dump->AddScalar("serialized_cert_count",

[davidben, 2016/12/07 19:42:58]

Ditto re serialized_cert_count => cert_count

[xunjieli, 2016/12/07 20:32:25]

Done.

+                          base::trace_event::MemoryAllocatorDump::kUnitsObjects,
+                          cert_count);
+    entry_dump->AddScalar(base::trace_event::MemoryAllocatorDump::kNameSize,
+                          base::trace_event::MemoryAllocatorDump::kUnitsBytes,
+                          cert_size);
+  }
+}
+
 void SSLClientSessionCache::FlushExpiredSessions() {
   time_t now = clock_->Now().ToTimeT();
   auto iter = cache_.begin();
   while (iter != cache_.end()) {
     if (IsExpired(iter->second.get(), now)) {
       iter = cache_.Erase(iter);
     } else {
       ++iter;
     }
   }
@@ skipping 25 matching lines @@
       break;
     case base::MemoryState::SUSPENDED:
     // Note: Not supported at present. Fall through.
     case base::MemoryState::UNKNOWN:
       NOTREACHED();
       break;
   }
 }
 
 }  // namespace net