Create a dedicated partition for array buffers

Create a dedicated partition for array buffers

ArrayBuffers have a high risk where their length and/or contents are
exploited from user scripts. Thus we don't want to mix ArrayBuffers
and other objects that may contain pointers in the same partition.

TBR=primiano@chromium.org
BUG=634547
Review-Url: https://codereview.chromium.org/2682943002
Cr-Commit-Position: refs/heads/master@{#449226}
Committed: https://chromium.googlesource.com/chromium/src/+/cd3f72e7cc1ad766a8357728a20f2ffdc8359f05

[haraken, 2017-02-08 11:39:47]

The CQ bit was checked by haraken@chromium.org to run a CQ dry run

[haraken, 2017-02-08 11:39:48]

haraken@chromium.org changed reviewers:
+ jochen@chromium.org, slangley@chromium.org

[haraken, 2017-02-08 11:39:49]

jochen@: PTAL

The only concern is memory increase caused by the partition overhead. I guess it
wouldn't be a big issue since we didn't observer any memory improvement when we
removed the Node partition after shipping Oilpan. Let's see how it goes.

[jochen (gone - plz use gerrit), 2017-02-08 11:45:16]

lgtm

[haraken, 2017-02-08 11:50:00]

The CQ bit was checked by haraken@chromium.org

[commit-bot: I haz the power, 2017-02-08 11:50:20]

CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2017-02-08 12:56:30]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2017-02-08 12:56:31]

Try jobs failed on following builders:
  win_chromium_x64_rel_ng on master.tryserver.chromium.win (JOB_FAILED,
http://build.chromium.org/p/tryserver.chromium.win/builders/win_chromium_x64_...)

[haraken, 2017-02-09 01:28:30]

Description was changed from

==========
Create a dedicated partition for array buffers

ArrayBuffers have a high risk where their length and/or contents are
exploited from user scripts. Thus we don't want to mix ArrayBuffers
and other objects that may contain pointers in the same partition.

BUG=
==========

to

==========
Create a dedicated partition for array buffers

ArrayBuffers have a high risk where their length and/or contents are
exploited from user scripts. Thus we don't want to mix ArrayBuffers
and other objects that may contain pointers in the same partition.

TBR=primiano@chromium.org
BUG=
==========

[haraken, 2017-02-09 01:28:30]

haraken@chromium.org changed reviewers:
+ primiano@chromium.org

[haraken, 2017-02-09 01:28:48]

TBR primiano@ for base/.

[haraken, 2017-02-09 01:28:54]

The CQ bit was checked by haraken@chromium.org

[haraken, 2017-02-09 01:28:54]

The patchset sent to the CQ was uploaded after l-g-t-m from jochen@chromium.org
Link to the patchset: https://codereview.chromium.org/2682943002/#ps30004
(title: "temp")

[commit-bot: I haz the power, 2017-02-09 01:29:35]

CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[slangley, 2017-02-09 02:59:40]

On 2017/02/08 at 11:39:49, haraken wrote:
> jochen@: PTAL
> 
> The only concern is memory increase caused by the partition overhead. I guess
it wouldn't be a big issue since we didn't observer any memory improvement when
we removed the Node partition after shipping Oilpan. Let's see how it goes.

Shall we not attach this CL to a bug number?

[haraken, 2017-02-09 03:59:11]

Description was changed from

==========
Create a dedicated partition for array buffers

ArrayBuffers have a high risk where their length and/or contents are
exploited from user scripts. Thus we don't want to mix ArrayBuffers
and other objects that may contain pointers in the same partition.

TBR=primiano@chromium.org
BUG=
==========

to

==========
Create a dedicated partition for array buffers

ArrayBuffers have a high risk where their length and/or contents are
exploited from user scripts. Thus we don't want to mix ArrayBuffers
and other objects that may contain pointers in the same partition.

TBR=primiano@chromium.org
BUG=634547
==========

[haraken, 2017-02-09 03:59:22]

On 2017/02/09 02:59:40, slangley wrote:
> On 2017/02/08 at 11:39:49, haraken wrote:
> > jochen@: PTAL
> > 
> > The only concern is memory increase caused by the partition overhead. I
guess
> it wouldn't be a big issue since we didn't observer any memory improvement
when
> we removed the Node partition after shipping Oilpan. Let's see how it goes.
> 
> Shall we not attach this CL to a bug number?

Added.

[commit-bot: I haz the power, 2017-02-09 06:27:06]

CQ is committing da patch.

Bot data: {"patchset_id": 30004, "attempt_start_ts": 1486603734059470,
"parent_rev": "665243239207d7a0e1e73a4179c55f083c5493ca", "commit_rev":
"cd3f72e7cc1ad766a8357728a20f2ffdc8359f05"}

[commit-bot: I haz the power, 2017-02-09 06:28:07]

Description was changed from

==========
Create a dedicated partition for array buffers

ArrayBuffers have a high risk where their length and/or contents are
exploited from user scripts. Thus we don't want to mix ArrayBuffers
and other objects that may contain pointers in the same partition.

TBR=primiano@chromium.org
BUG=634547
==========

to

==========
Create a dedicated partition for array buffers

ArrayBuffers have a high risk where their length and/or contents are
exploited from user scripts. Thus we don't want to mix ArrayBuffers
and other objects that may contain pointers in the same partition.

TBR=primiano@chromium.org
BUG=634547

Review-Url: https://codereview.chromium.org/2682943002
Cr-Commit-Position: refs/heads/master@{#449226}
Committed:
https://chromium.googlesource.com/chromium/src/+/cd3f72e7cc1ad766a8357728a20f...
==========

[commit-bot: I haz the power, 2017-02-09 06:28:08]

Committed patchset #3 (id:30004) as
https://chromium.googlesource.com/chromium/src/+/cd3f72e7cc1ad766a8357728a20f...

[Primiano Tucci (use gerrit), 2017-02-09 12:43:12]

base/trace_event/memory_infra_background_whitelist.cc LGTM