Closed
Bug 993591
Opened 9 years ago
Closed 9 years ago
Eagerly drop nsStreamLoader::mData
Categories
(Core :: Networking, defect)
Core
Networking
Tracking
()
RESOLVED
FIXED
mozilla31
People
(Reporter: khuey, Assigned: bkelly)
Details
(Whiteboard: [MemShrink:P2][c= p=3 s= u=])
Attachments
(2 files, 1 obsolete file)
|
2.15 KB,
patch
|
keeler
:
review+
mayhemer
:
review+
|
Details | Diff | Splinter Review |
|
4.72 KB,
patch
|
bkelly
:
review+
|
Details | Diff | Splinter Review |
Is there a reason not to drop mData in nsStreamLoader right after firing the OnStreamComplete callback? Waiting for the destructor means we're keeping potentially unbounded amounts of memory around unnecessarily. See bug 993548 for an even more aggressive solution for scripts.
|
||
Comment 1•9 years ago
|
||
We should totally do this.
|
Assignee | |
Updated•9 years ago
|
Assignee: nobody → bkelly
Status: NEW → ASSIGNED
|
|
Assignee | |
Comment 2•9 years ago
|
||
I don't have a great workload to demonstrate memory savings, but I was able to browse facebook on device successfully with this applied. https://tbpl.mozilla.org/?tree=Try&rev=47114d995d9b
Attachment #8403953 -
Flags: review?(khuey)
|
||
Comment 3•9 years ago
|
||
Comment on attachment 8403953 [details] [diff] [review] Eagerly free nsStreamLoader data. (v1) Review of attachment 8403953 [details] [diff] [review]: ----------------------------------------------------------------- I only know this code in a legacy sense, but this seems totally fine for me. mData can only be accessed from ODA which cannot be called after OnStopRequest. The class is MOZ_FINAL so it ought to be safe.
Attachment #8403953 -
Flags: review?(khuey) → review+
|
|
Assignee | |
Comment 4•9 years ago
|
||
Thanks Patrick! Sorry I forgot to check modules owners list to get the right reviewer here. Note, it looks like the try build is very unhappy. I wonder if some sub-classes expect to find information in mData at later times.
|
|
||
Comment 5•9 years ago
|
||
There are no subclasses of nsStreamLoader. Try is unhappy because you pushed on a broken base rev. In fact, inbound is currently closed for that very same bustage...
|
|
||
Comment 6•9 years ago
|
||
there are no subclasses.. perhaps a recipient of onStreamComplete is not returning NS_SUCCESS_ADOPTED_DATA when it should be taking ownership of the data? (and continuing to reference it..) (oh - I see bz has a more comforting theory :))
|
Reporter | |
Comment 7•9 years ago
|
||
(In reply to Boris Zbarsky [:bz] from comment #5) > There are no subclasses of nsStreamLoader. > > Try is unhappy because you pushed on a broken base rev. In fact, inbound is > currently closed for that very same bustage... That doesn't explain the xpcshell failures, does it?
|
|
Assignee | |
Comment 8•9 years ago
|
||
It seem ASAN is also reporting a use-after-free.
|
|
Reporter | |
Comment 9•9 years ago
|
||
http://mxr.mozilla.org/mozilla-central/source/security/manager/ssl/src/nsNSSCallbacks.cpp#681 Lovely.
|
|
||
Comment 10•9 years ago
|
||
kyle beat me to it in a comment race. +dkeeler
|
|
||
Comment 11•9 years ago
|
||
God. PSM code strikes again. Nothing like depending on things that are not documented to hold! One other thing that is potentially wrong in the patch is that it changes the behavior on the numBytesRead property on streamloader. It used to return the correct value unless OnStreamComplete returned NS_SUCCESS_ADOPTED_DATA. Now it no longer does. That said, that has only one consumer, and that consumer may not depend on the behavior after OnStreamComplete, so we could possibly change numBytesRead to only be meaningful if OnStreamComplete has not been called.
|
|
Assignee | |
Comment 12•9 years ago
|
||
Seems like it should be straightforward to have that code return NS_SUCCESS_ADOPTED_DATA and then free it when it is done with the data.
|
|
||
Comment 13•9 years ago
|
||
fwiw nsistreamloader.idl does say that it frees the data in its destructor. should at least change the doc too.
|
|
Assignee | |
Comment 14•9 years ago
|
||
I'm a bit short on time today, but will post updated patches tomorrow morning.
(In reply to Kyle Huey [:khuey] (khuey@mozilla.com) from comment #9) > http://mxr.mozilla.org/mozilla-central/source/security/manager/ssl/src/ > nsNSSCallbacks.cpp#681 > > Lovely. I'm hoping to replace/remove/improve a lot of that code. Some of the work may happen in bug 982248, but this improvement shouldn't be blocked on that. In the meantime, let me know if you need any help fixing what's wrong with PSM here.
|
|
||
Comment 16•9 years ago
|
||
Attachment #8404386 -
Flags: review?(dkeeler)
|
|
||
Updated•9 years ago
|
Assignee: bkelly → mcmanus
|
|
||
Comment 17•9 years ago
|
||
a try run with both patches applied https://tbpl.mozilla.org/?tree=Try&rev=715d4415e683 we should update that idl documentation to be clear.
Assignee: mcmanus → bkelly
|
|
Assignee | |
Comment 18•9 years ago
|
||
Updated IDL documentation. Carried r+ forward from previous review.
Attachment #8404860 -
Flags: review+
|
|
Assignee | |
Updated•9 years ago
|
Attachment #8403953 -
Attachment is obsolete: true
|
|
Assignee | |
Comment 19•9 years ago
|
||
For some reason the try build is still showing the bustage from bug 994216 even though it includes :myk's fix. Looking at the hg parent for the patches, I think the push did not work as planned. Let me update and push a new try.
|
|
Assignee | |
Comment 20•9 years ago
|
||
https://tbpl.mozilla.org/?tree=Try&rev=bcef6a1aa31c
Comment on attachment 8404386 [details] [diff] [review] PSM HTTP Fetch should own streamloader data Review of attachment 8404386 [details] [diff] [review]: ----------------------------------------------------------------- Great - r=me.
Attachment #8404386 -
Flags: review?(dkeeler) → review+
|
|
Assignee | |
Comment 22•9 years ago
|
||
Try is looking good. I was a bit worried about the orange in mac debug M1, but I finally got it to green. Looks like lots of intermittent results on that one right now. I'll land once the tree re-opens.
|
|
||
Updated•9 years ago
|
Attachment #8404386 -
Flags: review?(honzab.moz)
|
|
||
Comment 23•9 years ago
|
||
(In reply to Ben Kelly [:bkelly] from comment #22) > Try is looking good. I was a bit worried about the orange in mac debug M1, > but I finally got it to green. Looks like lots of intermittent results on > that one right now. > > I'll land once the tree re-opens. that psm patch requires a second review before landing. (see exceptions in http://www.mozilla.org/hacking/reviewers.html)
|
|
Assignee | |
Comment 24•9 years ago
|
||
Thank you for catching me on this. I'm sorry for not knowing that part of the process. This is the first time I've hit a super review or second review situation.
|
|
Assignee | |
Updated•9 years ago
|
Whiteboard: [MemShrink] → [MemShrink][c= p=3 s= u=]
|
|
||
Updated•9 years ago
|
Whiteboard: [MemShrink][c= p=3 s= u=] → [MemShrink:P2][c= p=3 s= u=]
|
|
||
Updated•9 years ago
|
Attachment #8404386 -
Flags: review?(honzab.moz) → review+
|
|
Assignee | |
Comment 25•9 years ago
|
||
Thanks Honza! remote: https://hg.mozilla.org/integration/mozilla-inbound/rev/800df0af4251 remote: https://hg.mozilla.org/integration/mozilla-inbound/rev/feded4c79308
|
||
Comment 26•9 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/800df0af4251 https://hg.mozilla.org/mozilla-central/rev/feded4c79308
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla31
You need to log in
before you can comment on or make changes to this bug.
Description
•