On Thu, Nov 15, 2012 at 12:22 AM, Chris Evans <[email protected]> wrote:
> On Wed, Nov 14, 2012 at 11:32 PM, Maciej Stachowiak <[email protected]> wrote:
>
>> rather than DOM vs. not DOM. Also having a per-document arena for DOM
>> nodes (as is done for render objects via RenderArena) seems irrelevant to
>> the security goal and likely to cause bad memory fragmentation.
>>
>
> My read on the Arena is that it's fragmentation resistant (i.e. it will
> not repurpose a larger free chunk to satisfy a smaller allocation.)
> However, memory usage at any given time is defined by peak usage since it
> cannot release pages back to the system without ruining its security
> guarantee. Interestingly, it can't be super bad: we already bite this
> bullet for RenderArena as used by RenderObjects. The RenderArena lifetime
> is the same as the document / DOM and I was surprised to recently be told
> that we don't throw away the RenderArena on a full layout.
>

Not really. Render tree is really small. It's in the order of a few megabytes on most websites. On the other hand, DOM tree and CSS objects can consume as much as tens, if not hundreds, of megabytes because there are many DOM nodes that are not displayed on the screen. Also, a large proportion of render objects tend to be allocated and deallocated at the same time while DOM nodes tend to be created and deleted at different times on many script-heavy pages. These two characteristics of render tree make it particularly attractive to make use of memory management strategies like the one used in RenderArena. I'm not convinced that using the same strategy for DOM nodes is a good idea.

- R. Niwa
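The arena behaviour discussed in this thread, as an added example that is not part of the original messages and is not WebKit's RenderArena code: a minimal size-class arena in which a freed chunk is only ever reused for a request of the same size class, and the footprint (`used`) stays at its peak. The names `Arena`, `arena_alloc`, `arena_free` and the 16-byte granule are assumptions made for this sketch.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define ARENA_BYTES 4096
#define GRANULE     16                 /* size classes are multiples of 16 bytes */
#define NUM_CLASSES 8                  /* serves requests of 1..128 bytes */

typedef struct FreeNode { struct FreeNode *next; } FreeNode;

typedef struct {
    _Alignas(16) uint8_t pool[ARENA_BYTES];
    size_t    used;                    /* bump pointer: high-water mark, never decreases */
    FreeNode *free_list[NUM_CLASSES];  /* one free list per size class */
} Arena;

static size_t size_class(size_t n) { return (n + GRANULE - 1) / GRANULE - 1; }

void *arena_alloc(Arena *a, size_t n) {
    if (n == 0 || n > GRANULE * NUM_CLASSES) return NULL;
    size_t c = size_class(n);
    if (a->free_list[c]) {             /* reuse only a chunk of the same class */
        FreeNode *node = a->free_list[c];
        a->free_list[c] = node->next;
        return node;
    }
    size_t bytes = (c + 1) * GRANULE;  /* otherwise carve fresh memory */
    if (a->used + bytes > ARENA_BYTES) return NULL;
    void *p = a->pool + a->used;
    a->used += bytes;
    return p;
}

void arena_free(Arena *a, void *p, size_t n) {
    FreeNode *node = p;                /* chunk stays in the arena, keyed by class */
    size_t c = size_class(n);
    node->next = a->free_list[c];
    a->free_list[c] = node;
}

int main(void) {
    static Arena a;                    /* zero-initialised */
    void *big = arena_alloc(&a, 64);
    arena_free(&a, big, 64);
    void *small = arena_alloc(&a, 16); /* does not land in the freed 64-byte chunk */
    printf("small reuses big: %d, footprint: %zu bytes\n", small == big, a.used);
    return 0;
}
```

The 16-byte request is served from fresh memory even though a 64-byte chunk is free, which is the memory cost when objects of different sizes are created and freed at different times.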

