Closed
Bug 944492
Opened 11 years ago
Closed 11 years ago
Make XPCWrappedJS use the purple buffer and CAN_SKIP
Categories
(Core :: XPConnect, defect)
Core
XPConnect
Tracking
()
RESOLVED
FIXED
mozilla29
People
(Reporter: mccr8, Assigned: mccr8)
References
Details
Attachments
(2 files, 3 obsolete files)
|
8.23 KB,
patch
|
smaug
:
review+
|
Details | Diff | Splinter Review |
|
12.38 KB,
patch
|
mccr8
:
review+
|
Details | Diff | Splinter Review |
See bug 942528.
|
Assignee | |
Comment 1•11 years ago
|
||
Turns out, the existing traverse method for XPCWrappedJS is only correct when the wrapper doesn't have any weak references. https://tbpl.mozilla.org/?tree=Try&rev=77bb1d9d50b6
|
|
Assignee | |
Comment 2•11 years ago
|
||
I should also turn CanSkipWrappedJS into a normal skippable method, and maybe bake the logic about weak references into the skippable method (eg if we're a root wrapper and we have a weak reference, we're definitely alive).
|
|
Assignee | |
Comment 3•11 years ago
|
||
CanSkipWrappedJS seems a little overly complicated for what it has to do. It has this isRootWrappedJS stuff, but as far as I can see, it is only being called on things in the mWrappedJSRoots list, which I'd think would all have isRootWrappedJS. Olli, am I missing something? Of course, now I need that extra logic.
|
||
Comment 4•11 years ago
|
||
I don't think you're missing anything. It is just safe to call that method even without non-root stuff. The fact that the object is GetRootWrapper() doesn't in general mean that it is in mWrappedJSRoots
|
|
Assignee | |
Comment 5•11 years ago
|
||
Previous try run looked good. Turned into a normal skippable class, with the CanSkip stuff rewritten a bit: https://tbpl.mozilla.org/?tree=Try&rev=784769303c99
|
|
Assignee | |
Comment 6•11 years ago
|
||
Attachment #8341950 -
Flags: review?(bugs)
|
|
Assignee | |
Comment 7•11 years ago
|
||
Attachment #8341951 -
Flags: review?(bugs)
|
|
Assignee | |
Comment 8•11 years ago
|
||
I broke up the giant conditional in CanSkipWrappedJS() a bit to make it easier to understand. I also changed around what it does a little so that should be carefully looked at.
|
|
Assignee | |
Comment 9•11 years ago
|
||
"Normal" is too strong a word to use.
Summary: Make XPCWrappedJS into a more normal cycle collected class → Make XPCWrappedJS use the purple buffer and CAN_SKIP
|
|
||
Comment 10•11 years ago
|
||
Comment on attachment 8341950 [details] [diff] [review] part 1 - Make XPCWrappedJS use the purple buffer. r=smaug a bit scary stuff, given the complexity of this stuff. Could we land this early in the next cycle?
Attachment #8341950 -
Flags: review?(bugs) → review+
|
|
Assignee | |
Comment 11•11 years ago
|
||
(In reply to Olli Pettay [:smaug] from comment #10) > Could we land this early in the next cycle? Sure.
|
|
||
Comment 12•11 years ago
|
||
Comment on attachment 8341951 [details] [diff] [review] part 2 - Make XPCWrappedJS a proper skippable class. r=smaug >+nsXPCWrappedJS::CanSkip() >+{ >+ if (!nsCCUncollectableMarker::sGeneration) >+ return false; >+ >+ // If this wrapper holds a gray object, need to trace it. >+ JSObject *obj = GetJSObjectPreserveColor(); >+ if (obj && xpc_IsGrayGCThing(obj)) >+ return false; >+ >+ if (IsSubjectToFinalization()) >+ return false; >+ >+ // The extra ref from the weak reference keeps the wrapper alive. >+ if (HasWeakReferences()) >+ return true; I don't understand this. If we have a weak ref and a strong ref, why can we skip?
Attachment #8341951 -
Flags: review?(bugs) → review-
|
|
Assignee | |
Comment 13•11 years ago
|
||
> I don't understand this. If we have a weak ref and a strong ref, why can we skip?
There's an extra AddRef in the XPCWJS constructor, and XPCWJS::Release drops the extra ref if there's no weak reference. Therefore, if anything has a "weak reference" to an XPCWJS (in the SupportsWeakRef sense), the XPCWJS won't be destroyed, so it is definitely alive and we don't need to add it to the CC graph (aside from the usual tracing JS stuff, which the earlier conditions are supposed to handle).|
|
Assignee | |
Comment 14•11 years ago
|
||
Though I'm not entirely what ends up destroying the XPCWJS when it does have a weak reference, and a refcount of 1. I should figure that out. That could be a problem just with part 1.
|
|
||
Comment 15•11 years ago
|
||
Comment on attachment 8341950 [details] [diff] [review] part 1 - Make XPCWrappedJS use the purple buffer. r=smaug Yeah, I think this isn't good either. Having a weakref pointing to XPCWJS shouldn't affect to whether it is deleted or not.
Attachment #8341950 -
Flags: review+ → review-
|
|
Assignee | |
Comment 16•11 years ago
|
||
Attachment #8344215 -
Flags: review?(bugs)
Attachment #8344215 -
Flags: review?(bobbyholley+bmo)
|
|
Assignee | |
Comment 17•11 years ago
|
||
Attachment #8344216 -
Flags: review?(bugs)
|
|
Assignee | |
Comment 18•11 years ago
|
||
I don't know if you want to look at part 1 or not, Bobby. I consolidated and clarified the documentation of XPCWrappedJS lifetime. These patches should not change the behavior. green L64 debug try run: https://tbpl.mozilla.org/?tree=Try&rev=bbbd2b63b1ef
|
|
Assignee | |
Updated•11 years ago
|
Attachment #8341950 -
Attachment is obsolete: true
|
|
Assignee | |
Updated•11 years ago
|
Attachment #8341951 -
Attachment is obsolete: true
|
||
Comment 19•11 years ago
|
||
Comment on attachment 8344215 [details] [diff] [review] part 1 - Make XPCWrappedJS use the purple buffer. Review of attachment 8344215 [details] [diff] [review]: ----------------------------------------------------------------- This comment was very informative. Thank you for writing it! I don't know enough about this code to review it without spending several hours figuring it out myself. I'll let smaug review.
Attachment #8344215 -
Flags: review?(bobbyholley+bmo)
|
|
||
Comment 20•11 years ago
|
||
Comment on attachment 8344215 [details] [diff] [review] part 1 - Make XPCWrappedJS use the purple buffer. >+// When a wrapper is subject to finalization, the wrapper has a refcount of 1. It is >+// now owned exclusively by its JS object. Either it will have GetNewOrUsed called on it, >+// which will bring its refcount up to 2 and change the wrapper back to the >+// rooting state, or it will stay alive until the JS object dies. If the JS object >+// dies, then when XPCJSRuntime::FinalizeCallback calls FindDyingJSObjects >+// it will find the wrapper and call Release() in it, destroying the wrapper. >+// Otherwise, the wrapper will stay alive, even if it no longer has a weak reference >+// to it. Also getting non-weakRef from the weakref ends up increasing refcnt from 1 to 2. No need for GetNewOrUsed >+NS_IMETHODIMP_(void) >+nsXPCWrappedJS::DeleteCycleCollectable(void) >+{ >+ delete(this); I think without () is more common delete this; thanks for the explanation.
Attachment #8344215 -
Flags: review?(bugs) → review+
|
|
||
Updated•11 years ago
|
Attachment #8344216 -
Flags: review?(bugs) → review+
|
|
Assignee | |
Updated•11 years ago
|
Keywords: checkin-needed
|
|
Assignee | |
Comment 21•11 years ago
|
||
Addressed review comments. Carrying forward smaug's r+.
|
|
Assignee | |
Updated•11 years ago
|
Attachment #8344215 -
Attachment is obsolete: true
|
|
Assignee | |
Updated•11 years ago
|
Attachment #8346856 -
Flags: review+
|
|
Assignee | |
Comment 22•11 years ago
|
||
remote: https://hg.mozilla.org/integration/mozilla-inbound/rev/70b2d51d4f61 remote: https://hg.mozilla.org/integration/mozilla-inbound/rev/3b50a75aa431
Keywords: checkin-needed
|
||
Comment 23•11 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/70b2d51d4f61 https://hg.mozilla.org/mozilla-central/rev/3b50a75aa431
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla29
You need to log in
before you can comment on or make changes to this bug.
Description
•