Closed
Bug 457743
Opened 16 years ago
Closed 16 years ago
Automatic wrapper creates cycles, and thus leaks
Categories
(Toolkit :: Storage, defect)
Toolkit
Storage
Tracking
()
VERIFIED
FIXED
mozilla1.9.1b2
People
(Reporter: sdwilsh, Assigned: sdwilsh)
References
Details
(Keywords: memory-leak, regression, verified1.9.1)
Attachments
(1 file, 2 obsolete files)
8.71 KB,
patch
|
asuth
:
review+
|
Details | Diff | Splinter Review |
http://mxr.mozilla.org/mozilla-central/source/storage/src/mozStorageStatementParams.h#61 http://mxr.mozilla.org/mozilla-central/source/storage/src/mozStorageStatementRow.h#67 These should be raw pointers - we don't need to hold a reference since: 1) when these are used by the automatic wrapper, the statement *must* exists 2) when used by the explicit wrapper (depreciated), they are strongly held onto as long as the wrapper exists, and thus the statement must (http://mxr.mozilla.org/mozilla-central/source/storage/src/mozStorageStatementWrapper.h#79)
Assignee | ||
Comment 1•16 years ago
|
||
Assignee | ||
Updated•16 years ago
|
Whiteboard: [has patch][needs review dcamp]
Comment 2•16 years ago
|
||
As mentioned on irc, a dumb consumer COULD create a wrapper, get a reference to the row, destroy the wrapper, and then crash trying to access the row (even though it's clearly documented that the row is invalid without an accompanying statement). Seems like it'd be reasonable for the wrappers to invalidate/close out the row/params when it goes away.
Assignee | ||
Comment 3•16 years ago
|
||
mozStorageStatement also has the same issue
Whiteboard: [has patch][needs review dcamp] → [needs new patch]
Assignee | ||
Comment 4•16 years ago
|
||
Attachment #342097 -
Attachment is obsolete: true
Attachment #347626 -
Flags: review?
Attachment #342097 -
Flags: review?(dcamp)
Assignee | ||
Updated•16 years ago
|
Attachment #347626 -
Flags: review? → review?(dcamp)
Assignee | ||
Updated•16 years ago
|
Whiteboard: [needs new patch] → [has patch][needs review dcamp]
Updated•16 years ago
|
Attachment #347626 -
Flags: review?(dcamp) → review+
Updated•16 years ago
|
Flags: blocking1.9.1? → blocking1.9.1+
Target Milestone: --- → mozilla1.9.1
Assignee | ||
Updated•16 years ago
|
Whiteboard: [has patch][needs review dcamp] → [has patch][has review][can land]
Comment 5•16 years ago
|
||
Shawn, will you add the patch to https://wiki.mozilla.org/1.9.1_beta_2_checkins ?
Assignee | ||
Comment 6•16 years ago
|
||
I plan to land this after the beta.
Whiteboard: [has patch][has review][can land] → [has patch][has review][needs approval]
Comment 7•16 years ago
|
||
(In reply to comment #6) > I plan to land this after the beta. Why? Like bug 464202, I think this should go into b2. We have had zero tolerance for leaks for a while now, this one just slipped by because we can't yet set the leak treshold to 0 for browser-chrome tests. If we could, the patch that caused this (obvious) leak would have been backed out due to orange tinderboxes.
Assignee | ||
Comment 8•16 years ago
|
||
(In reply to comment #7) > Why? Like bug 464202, I think this should go into b2. We have had zero > tolerance for leaks for a while now, this one just slipped by because we can't > yet set the leak treshold to 0 for browser-chrome tests. If we could, the patch > that caused this (obvious) leak would have been backed out due to orange > tinderboxes. Mostly because this isn't used in any core code - just test files. That, and I don't want to have to watch the tree with the current state it's been in. If someone else wants to land these, by all means, please do so.
Comment 9•16 years ago
|
||
Is it me or does the block added to mozStorageStatement::Finalize only take effect if you call Finalize twice? If the statement exists, control flows into the if-case which returns, never leaving that block.
Assignee | ||
Comment 10•16 years ago
|
||
(In reply to comment #9) > Is it me or does the block added to mozStorageStatement::Finalize only take > effect if you call Finalize twice? If the statement exists, control flows into > the if-case which returns, never leaving that block. Yup. For whatever reason I thought that was if (!mDBStatement), but it's clearly if (mDBStatement). Ugh. New patch soon.
Whiteboard: [has patch][has review][needs approval]
Assignee | ||
Comment 11•16 years ago
|
||
Attachment #347626 -
Attachment is obsolete: true
Attachment #348582 -
Flags: review?(bugmail)
Assignee | ||
Updated•16 years ago
|
Whiteboard: [has patch][needs review asuth]
Comment 12•16 years ago
|
||
Comment on attachment 348582 [details] [diff] [review] v1.2 [Checkin: Comment 20] >diff --git a/storage/src/mozStorageStatementJSHelper.cpp b/storage/src/mozStorageStatementJSHelper.cpp >--- a/storage/src/mozStorageStatementJSHelper.cpp >+++ b/storage/src/mozStorageStatementJSHelper.cpp >@@ -110,17 +110,17 @@ mozStorageStatementJSHelper::getRow(mozS > { > nsresult rv; > > PRInt32 state; > (void)aStatement->GetState(&state); > if (state != mozIStorageStatement::MOZ_STORAGE_STATEMENT_EXECUTING) > return NS_ERROR_UNEXPECTED; > >- if (!aStatement->mStatementRowHolder) { >+ if (!aStatement->mStatementRowHolder && aStatement->mDBStatement) { nit: I'd suggest not adding the mDBStatement check. The state-check already ensures that aStatement->mDBStatement is non-null (otherwise the state would be MOZ_STORAGE_STATEMENT_INVALID). My concern is that the code looks buggy with the additional constraint, since it looks like the 'if' fails to conceive of the possibility that both mStatementRowHolder and mDBStatement are null, allowing a null de-reference to occur in the call to GetJSObject. This can't happen, of course, but it looks like it could. Perhaps add a comment about mDBStatement being known valid and an explanation of why that code cares if this is intended.
Attachment #348582 -
Flags: review?(bugmail) → review+
Updated•16 years ago
|
Attachment #348582 -
Flags: approval1.9.1b2?
Comment 13•16 years ago
|
||
Comment on attachment 348582 [details] [diff] [review] v1.2 [Checkin: Comment 20] This would also be nice to get in b2, because it prevents a leak of SQL statements and a couple miscellaneous objects when using named parameters in JS. It will fix the remaining leak running the specific test mentioned here (after bug 464202 is committed, which will be landing soon). Extensions, as one of the more likely candidates for using this API, would benefit from it not leaking if they investigate potential leaks caused by their extensions (no false positives). Last, it's not a very complicated patch, and the life cycle interactions here are well-understood, so it should be safe.
Updated•16 years ago
|
Whiteboard: [has patch][needs review asuth] → [has patch][needs approval]
Comment 14•16 years ago
|
||
Comment on attachment 348582 [details] [diff] [review] v1.2 [Checkin: Comment 20] We're closing down for beta 2 at the moment, so we'll have to take this after branch. Find me on IRC if you disagree vehemently.
Attachment #348582 -
Flags: approval1.9.1b2?
Attachment #348582 -
Flags: approval1.9.1b2-
Attachment #348582 -
Flags: approval1.9.1?
Comment 15•16 years ago
|
||
This needs to be fixed for b2 if bug 464202 actually blocks, because that bug requires this fix to actually work.
Target Milestone: mozilla1.9.1 → mozilla1.9.1b2
Comment 16•16 years ago
|
||
That makes sense; this should be a b2 blocker.
Comment 17•16 years ago
|
||
Comment on attachment 348582 [details] [diff] [review] v1.2 [Checkin: Comment 20] Resetting "approval1.9.1b2=?" per previous comments.
Attachment #348582 -
Flags: approval1.9.1b2- → approval1.9.1b2?
Comment 18•16 years ago
|
||
Comment on attachment 348582 [details] [diff] [review] v1.2 [Checkin: Comment 20] (b2 blockers don't need a+) This is FIXED now, right?
Attachment #348582 -
Flags: approval1.9.1b2?
Attachment #348582 -
Flags: approval1.9.1?
Comment 19•16 years ago
|
||
Yeah, just waiting for some cycling first. WARNING leaked 293147 bytes during test execution ---> WARNING leaked 73506 bytes during test execution Whee!
Status: ASSIGNED → RESOLVED
Closed: 16 years ago
Resolution: --- → FIXED
Whiteboard: [has patch][needs approval] → [has patch]
Comment 20•16 years ago
|
||
Comment on attachment 348582 [details] [diff] [review] v1.2 [Checkin: Comment 20] http://hg.mozilla.org/mozilla-central/rev/20245c2d97d0
Attachment #348582 -
Attachment description: v1.2 → v1.2
[Checkin: Comment 20]
Comment 21•16 years ago
|
||
V.Fixed, per bug 464202 comment 17.
Updated•16 years ago
|
Keywords: fixed1.9.1
Updated•16 years ago
|
Keywords: verified1.9.1
Comment 22•16 years ago
|
||
removing fixed1.9.1 b/c these bugs are verified1.9.1, sorry for the spam.
Keywords: fixed1.9.1
You need to log in
before you can comment on or make changes to this bug.
Description
•