Add a Setting to expose quantized, rate-limited MemoryInfo values
authorabarth@webkit.org <abarth@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 27 Jul 2012 09:37:51 +0000 (09:37 +0000)
committerabarth@webkit.org <abarth@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 27 Jul 2012 09:37:51 +0000 (09:37 +0000)
commit6c688c984611c69bfd8084b8dbe0ae03eaa3a50d
treea40851a9243f73e41ca20303a46782a32e805506
parenteef67d7fca2abb7860cf6fad2f6d2d833fab5ea8
Add a Setting to expose quantized, rate-limited MemoryInfo values
https://bugs.webkit.org/show_bug.cgi?id=80444

Reviewed by Eric Seidel.

We do not currently expose real MemoryInfo objects to the web unless
the user opts in because we're worried that this memory information
could be used in side-channel attacks.

We've gotten feedback from a number of web app developers that this
information is very useful in tracking the performance of their
applications.  These developers use the setting in their testing labs
and regression harnesses to catch memory leaks and regressiosn early in
their development cycle.

Some of these developers have experimented with enabling this feature
within their enterprise and have found the memory data from the field
extremely useful in tracking down memory issues that slip through their
testing.

Based on this experience, they've asked whether we can enable this
functionality on a wider scale so they catch even more problems
including problems that don't manifest within their enterprise.
Because we're still worried about side-channel attacks, we don't want
to expose the raw data, so we've talked with these folks in more detail
to understand what information they find most valuable.

This patch is the result of those discussions.  In particular, this
patch adds an option to expose quantized and rate-limited memory
information to web pages.  Web pages can only learn new data every 20
minutes, which helps mitigate attacks where the attacker compares two
or readings to extract side-channel information.  The patch also only
reports 100 distinct memory values, which (combined with the rate
limts) makes it difficult for attackers to learn about small changes in
memory use.

* page/MemoryInfo.cpp:
(WebCore):
(HeapSizeCache):
(WebCore::HeapSizeCache::HeapSizeCache):
(WebCore::HeapSizeCache::getCachedHeapSize):
(WebCore::HeapSizeCache::maybeUpdate):
(WebCore::HeapSizeCache::update):
(WebCore::HeapSizeCache::quantize):
(WebCore::MemoryInfo::MemoryInfo):
* page/Settings.cpp:
(WebCore::Settings::Settings):
* page/Settings.h:
(WebCore::Settings::setQuantizedMemoryInfoEnabled):
(WebCore::Settings::quantizedMemoryInfoEnabled):
(Settings):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@123856 268f45cc-cd09-0410-ab3c-d52691b4dbfc
13 files changed:
Source/WebCore/ChangeLog
Source/WebCore/bindings/js/ScriptGCEvent.cpp
Source/WebCore/bindings/js/ScriptGCEvent.h
Source/WebCore/bindings/v8/ScriptGCEvent.cpp
Source/WebCore/bindings/v8/ScriptGCEvent.h
Source/WebCore/inspector/InspectorMemoryAgent.cpp
Source/WebCore/inspector/InspectorTimelineAgent.cpp
Source/WebCore/page/MemoryInfo.cpp
Source/WebCore/page/MemoryInfo.h
Source/WebCore/page/Settings.cpp
Source/WebCore/page/Settings.h
Source/WebKit/chromium/WebKit.gypi
Source/WebKit/chromium/tests/MemoryInfo.cpp [new file with mode: 0644]