Closed
Bug 1021932
Opened 10 years ago
Closed 10 years ago
array buffer data leaks on early return from MediaBufferDecoder::AsyncDecodeMedia()
Categories
(Core :: Web Audio, defect, P1)
Core
Web Audio
Tracking
()
RESOLVED
FIXED
mozilla33
People
(Reporter: mccr8, Assigned: mccr8)
References
(Blocks 1 open bug)
Details
(Keywords: memory-leak, Whiteboard: [MemShrink:P2])
Attachments
(3 files)
|
8.36 KB,
text/plain
|
Details | |
|
1.43 KB,
patch
|
padenot
:
review+
|
Details | Diff | Splinter Review |
|
1.12 KB,
patch
|
erahm
:
review+
|
Details | Diff | Splinter Review |
I'm seeing this consistently in LSAN runs of M1:
Direct leak of 34 byte(s) in 1 object(s) allocated from:
#0 0x471fbb in realloc /builds/slave/moz-toolchain/src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:95
#1 0x7f2f4c9eabe2 in js_realloc /build/obj-firefox/js/src/../../dist/include/js/Utility.h:116
#2 0x7f2f4c9eabe2 in AllocateArrayBufferContents(JSContext*, unsigned int, void*, unsigned long) /build/js/src/vm/ArrayBufferObject.cpp:281
#3 0x7f2f48f285fe in length /build/content/base/src/nsXMLHttpRequest.cpp:3965
#4 0x7f2f48f285fe in nsXMLHttpRequest::OnStopRequest(nsIRequest*, nsISupports*, tag_nsresult) /build/content/base/src/nsXMLHttpRequest.cpp:2225
#5 0x7f2f48dbd4fe in nsCORSListenerProxy::OnStopRequest(nsIRequest*, nsISupports*, tag_nsresult) /build/content/base/src/nsCrossSiteListenerProxy.cpp:655
#6 0x7f2f455bbb5b in nsStreamListenerTee::OnStopRequest(nsIRequest*, nsISupports*, tag_nsresult) /build/netwerk/base/src/nsStreamListenerTee.cpp:53
It could be a dupe of bug 1021126, because the stack looks similar.
|
Assignee | |
Comment 1•10 years ago
|
||
This is happening when running Web Audio tests. Locally, I now see two sort of similar leaks when running this directory, and on try I see a third larger one, though that third one may not be from web audio. I'll bisect it some more tomorrow.
|
|
Assignee | |
Comment 2•10 years ago
|
||
|
|
Assignee | |
Updated•10 years ago
|
Keywords: mlk
Summary: Small leak in nsXMLHttpRequest::OnStopRequest → AllocateArrayBufferContents leaks
Whiteboard: [MemShrink]
|
|
Assignee | |
Updated•10 years ago
|
Component: DOM → Web Audio
|
|
Assignee | |
Comment 3•10 years ago
|
||
The JS_StealArrayBufferContents leak is from test_bug845960.html
|
|
Assignee | |
Comment 4•10 years ago
|
||
The nsXMLHttpRequest::OnStopRequest leak seems to be from test_mediaDecoding.html, though it is hard to tell because once I run it without a number of other tests, then it just hangs..
|
||
Updated•10 years ago
|
Priority: -- → P1
|
|
Assignee | |
Comment 5•10 years ago
|
||
I think I figured out the leak in test_bug845960.html. In mozilla::dom::AudioContext::DecodeAudioData, we get a new array buffer back, which we then pass into MediaBufferDecoder::AsyncDecodeMedia() as aBuffer. Then we fail, and hit the first return, without freeing aBuffer. Putting a free(aBuffer); before that first return fixes the leak, but is almost certainly wrong. The second return in that method seems to have the same problem. The other leaks don't have DecodeAudioData in their stacks, so they are probably a different issue. I'll file new bugs.
|
|
Assignee | |
Updated•10 years ago
|
Summary: AllocateArrayBufferContents leaks → array buffer data leaks on early return from MediaBufferDecoder::AsyncDecodeMedia()
|
|
Assignee | |
Comment 6•10 years ago
|
||
I filed bug 1023585 and bug 1023583 for the other leaks.
|
||
Updated•10 years ago
|
Whiteboard: [MemShrink] → [MemShrink:P2]
|
|
Assignee | |
Updated•10 years ago
|
Assignee: nobody → continuation
|
|
Assignee | |
Comment 7•10 years ago
|
||
https://tbpl.mozilla.org/?tree=Try&rev=0ccdd76a5338
|
|
Assignee | |
Comment 8•10 years ago
|
||
Comment on attachment 8442406 [details] [diff] [review] Free the buffer on failure in MediaBufferDecoder::AsyncDecodeMedia. try run was green
Attachment #8442406 -
Flags: review?(paul)
|
||
Updated•10 years ago
|
Attachment #8442406 -
Flags: review?(paul) → review+
|
|
Assignee | |
Updated•10 years ago
|
Keywords: checkin-needed
|
|
Assignee | |
Comment 9•10 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/e3ab11ba56a5
Keywords: checkin-needed
|
||
Comment 10•10 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/e3ab11ba56a5
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla33
|
||
Comment 11•10 years ago
|
||
You forgot to remove the entry from lsan_suppressions.txt
|
|
Assignee | |
Comment 12•10 years ago
|
||
Ah, right. The suppression can't actually be removed yet because there are two other places this leaks, but I'll remove the comment that refers to this bug once I locally confirm this particular leak is gone.
|
|
Assignee | |
Comment 13•10 years ago
|
||
I guess I should get review on this. I did a local LSan run, and two of these leaks are no longer present, so I removed them from the comment.
Attachment #8448944 -
Flags: review?(erahm)
|
||
Updated•10 years ago
|
Attachment #8448944 -
Flags: review?(erahm) → review+
|
|
Assignee | |
Comment 14•10 years ago
|
||
Thanks for the review. https://hg.mozilla.org/integration/mozilla-inbound/rev/9a39c61d2403
You need to log in
before you can comment on or make changes to this bug.
Description
•