Contact emails
Explainer
Design doc/Spec
This API is unspecified.
Summary
performance.memory is an unspecified API, seeing significant usage from some of our partners. Other browser vendors are currently uninterested in pursuing an API exposing concrete numbers for memory usage.
Site isolation results in two changes to this API:
With site isolation, we group same origin tabs into the same process more frequently. With the current API, this makes the numbers harder to interpret, as we mix data for a varying number of tabs.
Site isolation prevents putting different origins into the same renderer process, eliminating an avenue for possible side-channel attacks.
In response to site isolation, we propose the following changes:
If multiple tabs are grouped into the same process, return null for the total and used JS heap size.
If full site isolation is enabled, remove the coarse quantization and delay from values we report.
Motivation
Site isolation is reducing the utility of performance.memory. It also provides an avenue for easily increasing the accuracy and timeliness without risk of side-channel attacks.
We have key partners requesting higher quality data from performance.memory.
Ideally, we’d ship a standardized API for this, and we intend to do so in the future, but at the moment there’s no interest from other browser vendors in a solution that would meet our partners needs.
Risks
Interoperability and Compatibility
This feature is unspecified, which inherently causes some interop and compat risk.
The only additional risk is that some developers may currently depend on these APIs not returning null.
Other browser vendors are generally not in favor of this proposal. The primary concerns are:
Security / interop issues
We’ll ensure to get Chrome security / privacy review before shipping this change.
High memory use isn’t inherently bad.
This is true, but this API enables A/B testing, leak detection etc that is much more difficult with higher level APIs.
Much of the discussion here hasn’t been recorded, but there’s some notes here and here. The following is a rough sense of where other vendors stand with respect to implementing a standardized memory API which exposes memory consumption numbers. This has been discussed some here.
Edge: Negative signals in person
Firefox: No signals - open bug here
Safari: No signals (“Unsure” about this approach)
Web developers: We see ~13% of page loads (via UseCounter V8MemoryInfo_UsedJSHeapSize_AttributeGetter) using this API on the web today, despite the issues with its accuracy and ease of use. Developers are often frustrated by the restrictions placed upon it for security purposes. OOPIF gives us an opportunity to easily make this API easier to use, and the results more actionable.
There are no interop tests, as this is unspecified.
Going forward, we must find a way to standardize an API which addresses these use cases. The memory pressure API is the current best candidate, but it doesn’t address all use cases. In particular, it doesn’t provide good signal for A/B testing memory usage of different site versions.
Ergonomics
The ergonomics of this feature are unchanged.
Activation
Developers will immediately benefit from these changes.
Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, Chrome OS, Android, and Android WebView)?
No. Android is not supported today, and we don’t intend to extend support further without a plan for standardization.
Is this feature fully tested by web-platform-tests?
No, as this isn’t standardized. There is limited LayoutTest coverage.
Link to entry on the feature dashboard
Requesting approval to ship?
Yes
--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAHTsfZB%2B4cvTB7D4LauULCtm0Uv746LeV7C%2BtkqEgqTd-EF-cg%40mail.gmail.com.
We discussed this at the API owners meeting today and concluded that this change does not require API owner approval.
--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CADXXVKp3fmoKV2r5cDqVUPPFGiOPmOdR_w7axUz2nR3jwb9m7A%40mail.gmail.com.
--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscribe@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CADXXVKp3fmoKV2r5cDqVUPPFGiOPmOdR_w7axUz2nR3jwb9m7A%40mail.gmail.com.
On Thu, Feb 1, 2018 at 7:51 PM, 'Ilya Grigorik' via blink-dev <blin...@chromium.org> wrote:On Thu, Feb 1, 2018 at 11:09 AM Daniel Bratell <bra...@opera.com> wrote:We discussed this at the API owners meeting today and concluded that this change does not require API owner approval.Curious, what was the reasoning behind punting on this? We have many cases where we're revisiting / considering updating old ("pre i2i/i2s") APIs, what's the criteria for requiring owner approval?Our reasoning was that because this is an existing API and all that is changing is an "implementation detail" of how it arrives at the statistics returned by the API to be more accurate, it does not require API owner review. IOW, just a bugfix but not significant semantic change. (I think a public PSA is a good idea for a change this though, so appreciate greatly the email to blink-dev.)We also had a discussion about whether we should advocate for removal of the API due to not being standard, and there being opposition from other browsers to such a standard being created, but in the end concluded we didn't have much reason to force this course of action. Two main reasons:(a) it's not policy to unship APIs just because they were not standardized in the past (additional reasons are needed, or data to show it is almost unused)(b) the API in this case likely provides real value to sites even if it is just implemented in Chrome, and taking action to reduce app memory use Chrome most likely improves performance on all browsers.Chris
--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
Rick, Chris: thanks for the detailed context, makes sense.A couple of quick comments on past discussions of memory related APIs in webperf WG:
- There was/is interest in exposing some memory related telemetry from vendors. The scope of problem varies from browser to browser and hardware that it runs on but some motivating use cases were: OOMs due to poor site implementation (e.g. infinite lists that don't prune memory), low memory devices under constant memory pressure, and the too-many-damn-tabs problem.
- We heard pushback on exposing ~memory bytes as a signal. In no particular order:
- engines differ in how they use and allocate memory and without context this is not a useful signal on its own because there is nothing wrong with using more memory if its available
- concerns around incentivizing engine specific optimizations from developers, which are subject to change
- performance concerns: what should be counted, how often, stop-the-world vs, ....
- lots of security and privacy unknowns
- There was general consensus that a first step could be to expose memory pressure as signal to developers
- It avoids most of the above while nudging developers towards optimizing in cases that matter
- It maps cleanly to existing mobile primitives / "easy" to implement
- As a related but separate initiative, we exposed memory device class.
This is *not* an exhaustive list of all the past discussions, but just FYI.
On Thu, Feb 1, 2018 at 9:07 PM Chris Harrelson <chri...@chromium.org> wrote:
On Thu, Feb 1, 2018 at 7:51 PM, 'Ilya Grigorik' via blink-dev <blin...@chromium.org> wrote:On Thu, Feb 1, 2018 at 11:09 AM Daniel Bratell <bra...@opera.com> wrote:We discussed this at the API owners meeting today and concluded that this change does not require API owner approval.Curious, what was the reasoning behind punting on this? We have many cases where we're revisiting / considering updating old ("pre i2i/i2s") APIs, what's the criteria for requiring owner approval?Our reasoning was that because this is an existing API and all that is changing is an "implementation detail" of how it arrives at the statistics returned by the API to be more accurate, it does not require API owner review. IOW, just a bugfix but not significant semantic change. (I think a public PSA is a good idea for a change this though, so appreciate greatly the email to blink-dev.)We also had a discussion about whether we should advocate for removal of the API due to not being standard, and there being opposition from other browsers to such a standard being created, but in the end concluded we didn't have much reason to force this course of action. Two main reasons:(a) it's not policy to unship APIs just because they were not standardized in the past (additional reasons are needed, or data to show it is almost unused)(b) the API in this case likely provides real value to sites even if it is just implemented in Chrome, and taking action to reduce app memory use Chrome most likely improves performance on all browsers.Chris
--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscribe@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CADXXVKp3fmoKV2r5cDqVUPPFGiOPmOdR_w7axUz2nR3jwb9m7A%40mail.gmail.com.
--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CADXXVKpubsATkq1wBQovoN9YhNQpvfYtQHukyFvg%3DJ_42ej53A%40mail.gmail.com.
On 2/5/18 3:59 PM, Rick Byers wrote:
But holding the browser and target OS constant, it's clear developers using this API are getting a meaningful signal today about how the behavior of their own code is changing.
In some cases. And in some cases they're likely trading off memory included in the performance.memory numbers for memory not included in them, and getting a misleading measurement of the actual memory changes. Assuming we can even define "actual memory changes" and that they actually care about them.
This sort of think can be a pretty useful tool for someone who understands both how the numbers it reports map onto actual engine data structures _and_ how their code maps onto those data structures. Without both sets of understanding, it's pretty easy to be going sideways or backwards while thinking you're going forward. Doubly so if you get creative about trying to optimize the metric.
I agree that as a "something is up" early-warning detection this sort of thing can be useful, of course.
-Boris
--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/143b862b-30f7-c018-3766-8af9dbb3470e%40mit.edu.
Not a priori crazy, but having such a guess that is:
1) good
2) zero performance overhead (or close to it) if no one asks for it
3) quick to compute when asked for, even in the face of a large heap
Erik, thank you for the link.
I'm not sure this constraint is sufficient, but it may depend on what
you mean by this constraint. For a specific worrisome example, say a
page at origin A window.open()s a page at origin B which loads a
subframe from origin A. That subframe and the original page are in the
same process (because they have synchronous DOM access to each other,
per spec). The page from origin B is in a different process. In this
case, is the process with the two origin A frames satisfying your
constraint? Or put another way, does "single top-level frame" mean
"there is only one top-level frame" or "there is only one frame and it
is top-level" or something else?
--
You received this message because you are subscribed to a topic in the Google Groups "blink-dev" group.
To unsubscribe from this topic, visit https://groups.google.com/a/chromium.org/d/topic/blink-dev/no00RdMnGio/unsubscribe.
To unsubscribe from this group and all its topics, send an email to blink-dev+unsubscribe@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/2e41d23d-1a92-45ba-8c14-d54962b4846c%40chromium.org.
On 3/9/18 11:01 AM, Erik Chen wrote:
If you have further feedback, we'd love to hear it. If not, that's okay too, but please let us know so we know not to wait for your feedback.
Erik,
I somewhat worry about numberOfTabs exposing cross-origin information about what frames other sites are loading things from. Maybe that's already exposed by window[n] access, but worth thinking about carefully.
I think that's all for feedback on the changes. My previous comments on usedJSHeapSize/totalJSHeapSize stand: they are heavily implementation-dependent as defined and the descriptions seem to be assuming Chrome's implementation of various stuff in ways that are hard or impossible to map onto other implementations.
-Boris
--
You received this message because you are subscribed to a topic in the Google Groups "blink-dev" group.
To unsubscribe from this topic, visit https://groups.google.com/a/chromium.org/d/topic/blink-dev/no00RdMnGio/unsubscribe.
To unsubscribe from this group and all its topics, send an email to blink-dev+unsubscribe@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/f550da94-72db-4203-4591-73c7ef7dc53f%40mit.edu.
On 3/9/18 1:13 PM, Erik Chen wrote:
From Chrome's perspective, we intend to return non-null results only if site-isolation is enabled. Does that satisfy your concerns?
I'm specifically talking about the numberOfTabs value. I don't think that whether it exposes information is affected by site isolation...
* drop usedJSHeapSize/totalJSHeapSize entirely.
* Add some type of implementation-specific, optional dictionary member that browsers can fill with whatever they want. This would allow Chrome to keep usedJSHeapSize/totalJSHeapSize, and eventually add additional members [e.g. memory usage from video elements, etc.]. Other browsers could fill in with whatever fields they wanted, or leave it empty.
Thoughts?
My gut feeling if I were doing this would be to drop and revisit with more involvement from Edge/Safari and a better understanding of what sort of information sites are really looking for here....
-Boris