Closed
Bug 199465
Opened 22 years ago
Closed 22 years ago
scriptProto leaks in nsXULDocument
Categories
(Core :: XUL, defect, P2)
Core
XUL
Tracking
()
VERIFIED
FIXED
mozilla1.4beta
People
(Reporter: dbradley, Assigned: jst)
References
Details
(Keywords: memory-leak, Whiteboard: [adt2][HAVE FIX])
Attachments
(5 files, 1 obsolete file)
|
1.42 KB,
text/plain
|
Details | |
|
8.09 KB,
text/plain
|
Details | |
|
3.47 KB,
text/plain
|
Details | |
|
1.16 KB,
patch
|
dbradley
:
review+
brendan
:
superreview+
|
Details | Diff | Splinter Review |
|
902 bytes,
patch
|
Details | Diff | Splinter Review |
I just startup, get the dialog to select a profile, exit, and get the leak. This
is from a trunk build from late yesterday.
It looks like the scriptProto gets leaked in nsXULDocument::OnStreamComplete.
Purify shows this as a common point, and I find no leak of a XUL document. (But
I'm not 100% sure on that).
I'll attach some supporting info.
This was fairly recent. I didn't see this leak over the weekend, and my build
was from Friday the 21st.
|
Reporter | |
Comment 1•22 years ago
|
||
|
|
Reporter | |
Comment 2•22 years ago
|
||
I thought I put this in the original comment, but the patch for bug 124412 might
be a candidate.
|
Assignee | |
Comment 4•22 years ago
|
||
Could you compile the JS engine with symbols too? This stack doesn't show what's
leaked, just that something leaks when compiling a script. I verified that we
don't leak nsXULPrototypeScript's when starting, selecting a profile, and
closing Mozilla, but I dunno what happens beyond that yet.
|
|
Reporter | |
Comment 5•22 years ago
|
||
This is full stacks from three leaks. All the leaks I've seen traced back to
the scriptProto. The script proto itself may be getting cleaned up (Purify
leaves a bit to be desired when it comes to tracking down relationships between
allocated memory), but the JS script object looks like it doesn't, or at least
many of the things it holds on to.
|
||
Comment 6•22 years ago
|
||
Nav triage team: nsbeta1+/adt2
Reassigning to jst to help us fix this for mozilla 1.4.
|
|
Reporter | |
Comment 7•22 years ago
|
||
Ok, I spent a little time on this. What appears to be happening is that
unrooting that occurs in the destructor of nsXULPrototypeScript occurs after
the last GC is run. And that's why the script object is leaking. I've attached
a stack to where the destructor is getting called. I don't know if this stuff
was getting cleaned up earlier, but it didn't leak before the 25th, or near
there.
|
||
Comment 8•22 years ago
|
||
We are facing a problem that I recall discussing with jband long ago: XPCOM
shutdown is not well-ordered. Here the specific detail is that JS global GC
roots are held past the destruction of the last JS context in the runtime.
Bryner just suggested we tweak things a little, so that the XBL service releases
its reference to the XUL cache early, on "xpcom-shutdown" notification. That
might do the job, for now. THe problem is that we're counting on no other
module caching a reference to the XUL cache, and then that module shuts down
after the last context has been destroyed.
To fix this right, we need a well-ordered shutdown procedure that destroys the
last JS context after all global GC roots have been removed.
/be
|
|
Assignee | |
Comment 9•22 years ago
|
||
|
|
Assignee | |
Comment 10•22 years ago
|
||
The attached patch isn't an ideal catch-all fix for all shutdown leaks of this
type, but it should take care of this one no matter who holds on to the XUL cache.
Since I can't repro this leak, I can't say for sure that this fixes the leak,
David, could you attach the patch and test?
|
|
||
Comment 11•22 years ago
|
||
Comment on attachment 119138 [details] [diff] [review]
Fix. Flush the XUL cache before running the last GC
Cool -- I didn't know the DOM did a final GC. That's a pretty darn good place
to flush the XUL cache.
/be
Attachment #119138 -
Flags: superreview+
|
|
Assignee | |
Updated•22 years ago
|
Status: NEW → ASSIGNED
Priority: -- → P2
Whiteboard: [adt2] → [adt2][HAVE FIX]
Target Milestone: --- → mozilla1.4beta
|
|
||
Comment 12•22 years ago
|
||
Comment on attachment 119138 [details] [diff] [review]
Fix. Flush the XUL cache before running the last GC
Just talked to bryner, after thinking about this more. Would it be better to
have the XUL cache itself observe xpcom-shutdown, and flush itself and then
disable itself (so no new entries can be filled in the XUL cache)?
Then the DOM wouldn't need to know about the XUL cache. Better still, we
wouldn't have to worry about whether this GC was really the "last" one (the JS
component loader, if used, can do a "last GC" also, using a context it creates
just for that purpose).
/be
Attachment #119138 -
Flags: superreview+
|
|
||
Comment 13•22 years ago
|
||
bryner had thought maybe the XBL service, on xpcom-shutdown, should release its
ref to the XUL cache after flushing the cache. That's less modular than the
idea in comment #12, but it does suggest fixing the XBL service to release its
XUL cache ref on shutdown -- in addition to making the XUL cache observe
shutdown and self-flush and self-disable.
/be
|
|
Assignee | |
Comment 14•22 years ago
|
||
If we do that then the XUL cache has to run GC on shutdown as well since there's
no guarantee that the DOM code's shutdown observer will be called *after* the
XUL cache's observer is called. If the order happens to be reversed, then the
roots that are removed in the XUL cache's shutdown observer would never be GC'd...
|
|
Reporter | |
Comment 15•22 years ago
|
||
I tried jst's patch and it clears the leaks up.
|
|
||
Comment 16•22 years ago
|
||
Comment on attachment 119138 [details] [diff] [review]
Fix. Flush the XUL cache before running the last GC
Ok, I'm sold. Unless anyone has a more modular way to do it, this seems good
for 1.4b. Bryner, what do you say?
/be
Attachment #119138 -
Flags: superreview+
|
|
Assignee | |
Updated•22 years ago
|
Attachment #119138 -
Flags: review?(dbradley)
|
|
Reporter | |
Comment 17•22 years ago
|
||
Comment on attachment 119138 [details] [diff] [review]
Fix. Flush the XUL cache before running the last GC
r=dbradley
I also verified that this wasn't holding the component manager in some indirect
way. Looks like oji is the only one left. Thanks, this greatly reduces the
noise in Purify
Attachment #119138 -
Flags: review?(dbradley) → review+
|
|
Assignee | |
Comment 18•22 years ago
|
||
Fixed.
Status: ASSIGNED → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
|
||
Comment 19•22 years ago
|
||
I was happy to see this leak gets fixed! :-)
but, this fix also increased libjsdom.so by 4k+
is there any better way not to impact static footprint as much?
libjsdom.so
Total: +4735 (+4747/-12)
Code: +220 (+232/-12)
Data: +4515 (+4515/+0)
+4515 (+4515/+0) R (DATA)
+4515 (+4515/+0) UNDEF:libjsdom.so:R
+4499 kXULPrototypeCacheCID.2844
+16 _Q220nsIXULPrototypeCache33GetIID__20nsIXULPrototypeCache..0.iid
+220 (+232/-12) T (CODE)
+220 (+232/-12) UNDEF:libjsdom.so:T
+204 nsDOMSOFactory::Observe(nsISupports *, char const *, unsigned
short const *)
+28 nsIXULPrototypeCache::GetIID(void)
-12 nsJSProtocolHandler::AllowPort(int, char const *, int *)
|
|
Assignee | |
Comment 20•22 years ago
|
||
|
|
Assignee | |
Updated•22 years ago
|
Attachment #119246 -
Attachment description: Maybe this would be less code? → Duh, ignore this.
Attachment #119246 -
Attachment is obsolete: true
|
|
Assignee | |
Comment 21•22 years ago
|
||
|
|
Assignee | |
Comment 22•22 years ago
|
||
Comment on attachment 119248 [details] [diff] [review]
Maybe this would be less code?
This is 58 bytes smaller on disk, dunno how much of a runtime impact this has
tho.
|
|
Assignee | |
Comment 23•22 years ago
|
||
*** Bug 102655 has been marked as a duplicate of this bug. ***
Component: XP Toolkit/Widgets: XUL → XUL
QA Contact: shrir → xptoolkit.widgets
You need to log in
before you can comment on or make changes to this bug.
Description
•