Closed
Bug 1326167
Opened 7 years ago
Closed 7 years ago
stylo: dom/html/crashtests/795221-1.html leaks
Categories
(Core :: CSS Parsing and Computation, defect)
Core
CSS Parsing and Computation
Tracking
()
RESOLVED
FIXED
mozilla53
| Tracking | Status | |
|---|---|---|
| firefox53 | --- | fixed |
People
(Reporter: heycam, Assigned: xidorn)
References
Details
Attachments
(1 file)
One of the crashtest leaks is from dom/html/crashtests/795221-1.html (and its friends), which creates a cycle by setting an expando property on a ServoStyleRule's declaration. Xidorn, did we get something wrong with the cycle collector stuff there?
Flags: needinfo?(xidorn+moz)
|
Assignee | |
Comment 1•7 years ago
|
||
I think the issue here is actually that I didn't hook ServoCSSRuleList into cycle collection. Gecko's CSSRuleList doesn't need special handling because it doesn't own the rules, but ServoCSSRuleList owns the rules, so it does need to trace them.
Assignee: nobody → xidorn+moz
Flags: needinfo?(xidorn+moz)
| Comment hidden (mozreview-request) |
|
||
Comment 3•7 years ago
|
||
Comment on attachment 8822582 [details] Bug 1326167 - Hook ServoStyleSheet and ServoCSSRuleList into cycle collection. Looks simple enough, but bz was recently poking around at the object model stuff, so he should probably take a look.
Attachment #8822582 -
Flags: review?(bobbyholley) → review?(bzbarsky)
|
||
Comment 4•7 years ago
|
||
| mozreview-review | ||
Comment on attachment 8822582 [details] Bug 1326167 - Hook ServoStyleSheet and ServoCSSRuleList into cycle collection. https://reviewboard.mozilla.org/r/101444/#review103218 r=me ::: layout/style/ServoCSSRuleList.cpp:40 (Diff revision 1) > + > +NS_IMPL_CYCLE_COLLECTION_UNLINK_BEGIN(ServoCSSRuleList) > + for (uintptr_t& rule : tmp->mRules) { > + if (rule > kMaxRuleType) { > + CastToPtr(rule)->Release(); > + // XXX Do we need to restore the type value here? Is it possible Probably safest to set the type to 0, yes. Someone else could poke at it during their own unlinking process... ::: layout/style/ServoCSSRuleList.cpp:48 (Diff revision 1) > + } > + } > +NS_IMPL_CYCLE_COLLECTION_UNLINK_END_INHERITED(dom::CSSRuleList) > +NS_IMPL_CYCLE_COLLECTION_TRAVERSE_BEGIN_INHERITED(ServoCSSRuleList, > + dom::CSSRuleList) > + tmp->EnumerateInstantiatedRules([&](css::Rule* aRule) { Does this compile down to something reasonable that doesn't involve lots of function calls in practice? ::: layout/style/ServoCSSRuleList.cpp:49 (Diff revision 1) > + } > +NS_IMPL_CYCLE_COLLECTION_UNLINK_END_INHERITED(dom::CSSRuleList) > +NS_IMPL_CYCLE_COLLECTION_TRAVERSE_BEGIN_INHERITED(ServoCSSRuleList, > + dom::CSSRuleList) > + tmp->EnumerateInstantiatedRules([&](css::Rule* aRule) { > + NS_CYCLE_COLLECTION_NOTE_EDGE_NAME(cb, "rule"); I think "mRules[i]" would be a closer match for how we normally represent arrays as CC edge names. ::: layout/style/ServoCSSRuleList.cpp:50 (Diff revision 1) > +NS_IMPL_CYCLE_COLLECTION_UNLINK_END_INHERITED(dom::CSSRuleList) > +NS_IMPL_CYCLE_COLLECTION_TRAVERSE_BEGIN_INHERITED(ServoCSSRuleList, > + dom::CSSRuleList) > + tmp->EnumerateInstantiatedRules([&](css::Rule* aRule) { > + NS_CYCLE_COLLECTION_NOTE_EDGE_NAME(cb, "rule"); > + cb.NoteXPCOMChild(aRule->GetExistingDOMRule()); This is going to conflict with the patches in bug 851892 (which remove GetExistingDOMRule), but merging should be easy enough. Just check that it hasn't landed before you land this.
Attachment #8822582 -
Flags: review?(bzbarsky) → review+
|
|
Assignee | |
Comment 5•7 years ago
|
||
| mozreview-review-reply | ||
Comment on attachment 8822582 [details] Bug 1326167 - Hook ServoStyleSheet and ServoCSSRuleList into cycle collection. https://reviewboard.mozilla.org/r/101444/#review103218 > Does this compile down to something reasonable that doesn't involve lots of function calls in practice? I... don't know. I simply trust that the compiler would do the right thing... and I'm not sure what is the easist way to check that :/
|
|
||
Comment 6•7 years ago
|
||
Step through it and see what the assembly actually looks like? :(
|
|
Assignee | |
Comment 7•7 years ago
|
||
So for VS2015, the compiler inlines the lambda into the instantiated template, but the template function isn't inlined into the traverse function. I guess that is fine as far as we don't do a function call for each rule for traversing.
| Comment hidden (mozreview-request) |
Pushed by xquan@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/e8f9f36068ef Hook ServoStyleSheet and ServoCSSRuleList into cycle collection. r=bz
|
|
||
Comment 10•7 years ago
|
||
> I guess that is fine as far as we don't do a function call for each rule
Yes, that's the key part. Thank you for checking!
|
||
Comment 11•7 years ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/e8f9f36068ef
Status: NEW → RESOLVED
Closed: 7 years ago
status-firefox53:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla53
You need to log in
before you can comment on or make changes to this bug.
Description
•