Closed Bug 1383977 Opened 2 years ago Closed 2 years ago

stylo: Measure Elements and ComputedValues

Categories

(Core :: CSS Parsing and Computation, defect, P4)

54 Branch
defect

Tracking

()

RESOLVED FIXED
mozilla57
Tracking Status
firefox-esr52 --- unaffected
firefox55 --- wontfix
firefox56 --- wontfix
firefox57 --- fixed

People

(Reporter: njn, Assigned: njn)

References

Details

Attachments

(1 file)

This is a decent chunk of Stylo memory usage. Measuring it also requires handling Arcs, which is non-trivial.
I'm getting a Valgrind failure on try:

https://treeherder.mozilla.org/#/jobs?repo=try&revision=865e4afd445964c86359b699eb1781d62c9d7e8b&selectedJob=119844863

> ==42523== Invalid write of size 4
> ==42523==    at 0xF9D1B25: Servo_Element_SizeOfExcludingThis (ServoBindingList
.h:23)
> ==42523==    by 0xE70C96D: mozilla::dom::Element::SizeOfExcludingThis(mozilla:
:SizeOfState&) const (Element.cpp:4152)
> ==42523==    by 0xE78772F: SizeOfIncludingThis (nsINode.h:339)
> ==42523==    by 0xE78772F: nsDocument::DocAddSizeOfExcludingThis(nsWindowSizes
*) const (nsDocument.cpp:12406)
> ...
> ==42523==  Address 0x0 is not stack'd, malloc'd or (recently) free'd

So it's dereferencing a null pointer. My guess is that Element::mServoData is null. Should I be checking mServoData.Get() is non-null before calling Servo_Element_SizeOfExcludingThis()?
> > ==42523==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
> 
> So it's dereferencing a null pointer. My guess is that Element::mServoData
> is null. Should I be checking mServoData.Get() is non-null before calling
> Servo_Element_SizeOfExcludingThis()?

I added an mServoData.Get() check and Valgrind is now happy. But now I'm getting a heap write hazard. (Sigh, this patch has everything.)

> [28.67s] #35 Analyzing Gecko_HaveSeenPtr ...
> Error: Field write PLDHashTable.mRemovedCount
> Location: _ZN12PLDHashTable3AddEPKvRKN7mozilla10fallible_tE$PLDHashEntryHdr* PLDHashTable::Add(void*, mozilla::fallible_t*) @ xpcom/ds/PLDHashTable.cpp#586
> Stack Trace:
> _ZN12nsTHashtableIN6detail14VoidPtrHashKeyEE8PutEntryEPKvRKN7mozilla10fallible_tE$EntryType* > nsTHashtable<EntryType>::PutEntry(nsTHashtable<EntryType>::KeyType, const fallible_t&) [with EntryType = detail::VoidPtrHashKey; nsTHashtable<EntryType>::KeyType = const void*; nsTHashtable<EntryType>::fallible_t = mozilla::fallible_t] @ obj-analyzed/dist/include/nsTHashtable.h#166
> _ZN12nsTHashtableI12nsPtrHashKeyIKvEE8PutEntryEPS1_RKN7mozilla10fallible_tE$nsTHashtable<nsPtrHashKey<T> >::EntryType* nsTHashtable<nsPtrHashKey<T> >::PutEntry(T*, const mozilla::fallible_t&) [with T = const void; nsTHashtable<nsPtrHashKey<T> >::EntryType = nsPtrHashKey<const void>] @ obj-analyzed/dist/include/nsTHashtable.h#570
> _ZN7mozilla8SeenPtrs11HaveSeenPtrEPKv$uint8 mozilla::SeenPtrs::HaveSeenPtr(void*) @ obj-analyzed/dist/include/mozilla/SizeOfState.h#35
> Gecko_HaveSeenPtr @ layout/style/ServoBindings.cpp#464
Comment on attachment 8892277 [details]
Bug 1383977 - stylo: Measure Elements and ComputedValues. .

https://reviewboard.mozilla.org/r/163210/#review169044
Attachment #8892277 - Flags: review?(manishearth) → review+
The IsMainThread assertion should have fixed the hazard, if not there's a bug in the hazard.

I assume HaveSeenPtr inserts the pointer into the table if not seen.
(In reply to Manish Goregaokar [:manishearth] from comment #6)
> The IsMainThread assertion should have fixed the hazard, if not there's a
> bug in the hazard.

It did fix it.

> I assume HaveSeenPtr inserts the pointer into the table if not seen.

Yes! There's a comment above the method in xpcom/base/SizeOfState.h:

> // Returns true if we have seen this pointer before, false otherwise. Also
> // remembers this pointer for later queries.
Priority: -- → P4
Pushed by nnethercote@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/23fdfd155f72
stylo: Measure Elements and ComputedValues. r=manishearth.
https://hg.mozilla.org/mozilla-central/rev/23fdfd155f72
Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla57
Assignee: nobody → n.nethercote
You need to log in before you can comment on or make changes to this bug.