105359 2012-12-18 16:01:45 -0800 REGRESSION(r137607): PluginDocument loads consume huge amounts of memory 2012-12-19 09:39:59 -0800 1 1 1 Unclassified WebKit WebCore Misc. 528+ (Nightly build) Unspecified Unspecified RESOLVED FIXED P2 Normal --- 1 japhet japhet abarth ap koivisto thorton webkit.review.bot oldest_to_newest 794126 0 japhet 2012-12-18 16:01:45 -0800 Original report: https://code.google.com/p/chromium/issues/detail?id=166374 To reproduce, go to a plugin that loads as a main resource in a chromium canary (e.g., http://www.scb.se/statistik/_publikationer/NR0001_2012K02_TI_A28TI1203.pdf). That 4MB pdf can easily consume multiple GBs of memory. The problem is that CachedRawResource implicitly assumes that, if setShouldBufferData() will be called, it will be called before the load starts. PluginDocument calls it after receiving the first chunk of data, which leaves CachedRawResource in an inconsistent state> It ends up sending the entirety of the data received so far in each callback instead of only the incremental data. 794131 1 180047 japhet 2012-12-18 16:06:53 -0800 Created attachment 180047 patch 794745 2 180047 ap 2012-12-19 09:31:09 -0800 Comment on attachment 180047 patch View in context: https://bugs.webkit.org/attachment.cgi?id=180047&action=review > Source/WebCore/ChangeLog:12 > + (WebCore::ResourceLoader::setShouldBufferData): shouldBufferData is an enum, not a boolean, so this is reversed. It's named as a boolean, so it should be renamed. 794746 3 japhet 2012-12-19 09:32:36 -0800 (In reply to comment #2) > (From update of attachment 180047 [details]) > View in context: https://bugs.webkit.org/attachment.cgi?id=180047&action=review > > > Source/WebCore/ChangeLog:12 > > + (WebCore::ResourceLoader::setShouldBufferData): shouldBufferData is an enum, not a boolean, so this is reversed. > > It's named as a boolean, so it should be renamed. true I'll do that in a separate patch. 794748 4 180047 webkit.review.bot 2012-12-19 09:39:55 -0800 Comment on attachment 180047 patch Clearing flags on attachment: 180047 Committed r138174: <http://trac.webkit.org/changeset/138174> 794749 5 webkit.review.bot 2012-12-19 09:39:59 -0800 All reviewed patches have been landed. Closing bug. 180047 2012-12-18 16:06:53 -0800 2012-12-19 09:39:55 -0800 patch buffer.txt text/plain 2834 japhet SW5kZXg6IFNvdXJjZS9XZWJDb3JlL2xvYWRlci9SZXNvdXJjZUxvYWRlci5jcHAKPT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PQotLS0gU291cmNlL1dlYkNvcmUvbG9hZGVyL1Jlc291cmNlTG9hZGVyLmNwcAkocmV2aXNpb24g MTM4MDQ2KQorKysgU291cmNlL1dlYkNvcmUvbG9hZGVyL1Jlc291cmNlTG9hZGVyLmNwcAkod29y a2luZyBjb3B5KQpAQCAtMTk0LDcgKzE5NCw3IEBACiAgICAgbV9vcHRpb25zLnNob3VsZEJ1ZmZl ckRhdGEgPSBzaG91bGRCdWZmZXJEYXRhOyAKIAogICAgIC8vIFJlc2V0IGFueSBhbHJlYWR5IGJ1 ZmZlcmVkIGRhdGEKLSAgICBpZiAoIXNob3VsZEJ1ZmZlckRhdGEpCisgICAgaWYgKHNob3VsZEJ1 ZmZlckRhdGEgPT0gRG9Ob3RCdWZmZXJEYXRhKQogICAgICAgICBtX3Jlc291cmNlRGF0YSA9IDA7 CiB9CiAgICAgCkluZGV4OiBTb3VyY2UvV2ViQ29yZS9sb2FkZXIvY2FjaGUvQ2FjaGVkUmF3UmVz b3VyY2UuY3BwCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT0KLS0tIFNvdXJjZS9XZWJDb3JlL2xvYWRlci9jYWNoZS9DYWNo ZWRSYXdSZXNvdXJjZS5jcHAJKHJldmlzaW9uIDEzODA0NikKKysrIFNvdXJjZS9XZWJDb3JlL2xv YWRlci9jYWNoZS9DYWNoZWRSYXdSZXNvdXJjZS5jcHAJKHdvcmtpbmcgY29weSkKQEAgLTU2LDE5 ICs1NiwyNiBAQAogICAgICAgICBpbmNyZW1lbnRhbERhdGEgPSBkYXRhLT5kYXRhKCkgKyBwcmV2 aW91c0RhdGFMZW5ndGg7CiAgICAgICAgIGluY3JlbWVudGFsRGF0YUxlbmd0aCA9IGRhdGEtPnNp emUoKSAtIHByZXZpb3VzRGF0YUxlbmd0aDsKICAgICB9Ci0gICAgCisKICAgICBpZiAobV9vcHRp b25zLnNob3VsZEJ1ZmZlckRhdGEgPT0gQnVmZmVyRGF0YSkgewogICAgICAgICBpZiAoZGF0YSkK ICAgICAgICAgICAgIHNldEVuY29kZWRTaXplKGRhdGEtPnNpemUoKSk7CiAgICAgICAgIG1fZGF0 YSA9IGRhdGE7CiAgICAgfQotICAgIAorCisgICAgRGF0YUJ1ZmZlcmluZ1BvbGljeSBkYXRhQnVm ZmVyaW5nUG9saWN5ID0gbV9vcHRpb25zLnNob3VsZEJ1ZmZlckRhdGE7CiAgICAgaWYgKGluY3Jl bWVudGFsRGF0YUxlbmd0aCkgewogICAgICAgICBDYWNoZWRSZXNvdXJjZUNsaWVudFdhbGtlcjxD YWNoZWRSYXdSZXNvdXJjZUNsaWVudD4gdyhtX2NsaWVudHMpOwogICAgICAgICB3aGlsZSAoQ2Fj aGVkUmF3UmVzb3VyY2VDbGllbnQqIGMgPSB3Lm5leHQoKSkKICAgICAgICAgICAgIGMtPmRhdGFS ZWNlaXZlZCh0aGlzLCBpbmNyZW1lbnRhbERhdGEsIGluY3JlbWVudGFsRGF0YUxlbmd0aCk7CiAg ICAgfQogICAgIENhY2hlZFJlc291cmNlOjpkYXRhKG1fZGF0YSwgYWxsRGF0YVJlY2VpdmVkKTsK KworICAgIGlmIChkYXRhQnVmZmVyaW5nUG9saWN5ID09IEJ1ZmZlckRhdGEgJiYgbV9vcHRpb25z LnNob3VsZEJ1ZmZlckRhdGEgPT0gRG9Ob3RCdWZmZXJEYXRhKSB7CisgICAgICAgIGlmIChtX2xv YWRlcikKKyAgICAgICAgICAgIG1fbG9hZGVyLT5zZXRTaG91bGRCdWZmZXJEYXRhKERvTm90QnVm ZmVyRGF0YSk7CisgICAgICAgIGNsZWFyKCk7CisgICAgfQogfQogCiB2b2lkIENhY2hlZFJhd1Jl c291cmNlOjpkaWRBZGRDbGllbnQoQ2FjaGVkUmVzb3VyY2VDbGllbnQqIGMpCkluZGV4OiBTb3Vy Y2UvV2ViQ29yZS9DaGFuZ2VMb2cKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291cmNlL1dlYkNvcmUvQ2hhbmdl TG9nCShyZXZpc2lvbiAxMzgwNzkpCisrKyBTb3VyY2UvV2ViQ29yZS9DaGFuZ2VMb2cJKHdvcmtp bmcgY29weSkKQEAgLTEsMyArMSwxOSBAQAorMjAxMi0xMi0xOCAgTmF0ZSBDaGFwaW4gIDxqYXBo ZXRAY2hyb21pdW0ub3JnPgorCisgICAgICAgIFJFR1JFU1NJT04ocjEzNzYwNyk6IFBsdWdpbkRv Y3VtZW50IGxvYWRzIGNvbnN1bWUgaHVnZSBhbW91bnRzIG9mIG1lbW9yeQorICAgICAgICBodHRw czovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9MTA1MzU5CisKKyAgICAgICAgUmV2 aWV3ZWQgYnkgTk9CT0RZIChPT1BTISkuCisKKyAgICAgICAgTm8gbmV3IHRlc3RzLCB2ZXJpZmll ZCBtYW51YWxseSB0aGF0IGh0dHA6Ly93d3cuc2NiLnNlL3N0YXRpc3Rpay9fcHVibGlrYXRpb25l ci9OUjAwMDFfMjAxMkswMl9USV9BMjhUSTEyMDMucGRmCisgICAgICAgIG5vIGxvbmdlciBjb25z dW1lcyBzZXZlcmFsIEdCIG9mIG1lbW9yeS4KKworICAgICAgICAqIGxvYWRlci9SZXNvdXJjZUxv YWRlci5jcHA6CisgICAgICAgIChXZWJDb3JlOjpSZXNvdXJjZUxvYWRlcjo6c2V0U2hvdWxkQnVm ZmVyRGF0YSk6IHNob3VsZEJ1ZmZlckRhdGEgaXMgYW4gZW51bSwgbm90IGEgYm9vbGVhbiwgc28g dGhpcyBpcyByZXZlcnNlZC4KKyAgICAgICAgKiBsb2FkZXIvY2FjaGUvQ2FjaGVkUmF3UmVzb3Vy Y2UuY3BwOgorICAgICAgICAoV2ViQ29yZTo6Q2FjaGVkUmF3UmVzb3VyY2U6OmRhdGEpOiBJZiB0 aGUgZGF0YVJlY2VpdmVkKCkgY2FsbGJhY2sgdGVsbHMgdXMgdG8gc3RvcCBidWZmZXJpbmcgZGF0 YSwgYmUgc3VyZSB0bworICAgICAgICAgICAgbm90aWZ5IHRoZSBSZXNvdXJjZUxvYWRlciBhbmQg Y2xlYXIgdGhlIGRhdGEgYnVmZmVyLgorCiAyMDEyLTEyLTE4ICBTaW1vbiBGcmFzZXIgIDxzaW1v bi5mcmFzZXJAYXBwbGUuY29tPgogCiAgICAgICAgIEFsbG93IHBvc2l0aW9uOnN0aWNreSBlbGVt ZW50cyB0byBiZSBtb3ZlZCBieSB0aGUgc2Nyb2xsaW5nIHRocmVhZAo=