Subj : Re: Implementing Resource Control in Spider Monkey To : "S. Raza" From : Brendan Eich Date : Mon Mar 08 2004 01:33 pm S. Raza wrote: >I'm interested in implementing some form of resource control for >scripts that execute in my application. Specifically, CPU and memory >consumption need to be managed, on a per script basis. Ideally :) I'd >like to do this without modifying the internals of the scripting >engine. > Admirable goal, maybe, but the engine does not support such quotas in general. > I can see that Spider Monkey supports limiting the stack-size >for a context out of the box (great). However, for heap-based objects >I don't see how this could be accomplished on a per context basis >without some changes. I guess allocating a runtime per-script with a >max runtime size begins to address the memory issue, however, >allocating a new JSRuntime object for each script request > Why wouldn't you reuse JSRuntimes, pool them one-to-one with threads? Are you talking about scripts calling scripted functions where the scripted functions should be subject to a different qouta from the calling script (or calling scripted function)? > might be too >much. I'm thinking about intercepting calls to JS_NewObject. Would >that be reasonable? > > Not really -- how much memory does an object take? Even the crude JSRuntime-based accounting doesn't try to guess. Your best bet for now is to use a JSRuntime per thread pooling approach, from what I can tell. >Secondly for CPU usage, the js_Interpret function seems to be a nice >place to inject any CPU usage checks. Basically for let the >interpreter execute for N ops, and then check the elapsed 'real' CPU >usage for the process each time. The other possibility as in JSEAL is >to re-write byte-code to enable call-backs into CPU usage checking >code after executing some block of code. > Just use JS_SetBranchCallback and be happy. I doubt straight-line code will be able to consume much CPU, unless you let people generate megabytes of straight-line code from perl scripts, e.g. What kind of trust model do you have here, anyway? If you're worried about resource quotas, what else are you worrying about bad or confused users doing? /be .