Open
Bug 471769
Opened 16 years ago
Updated 2 years ago
nsGlobalWindow can't call getService from its destructor
Categories
(Core :: DOM: Core & HTML, defect, P5)
Tracking
()
NEW
People
(Reporter: timeless, Unassigned)
References
(Blocks 1 open bug)
Details
Attachments
(1 obsolete file)
While this is probably at least partly a bug in xpconnect, however I think there are too many other cases where things like this could happen.
xpcom_core!NS_DebugBreak_P(unsigned int aSeverity = 1, char * aStr = 0x0012f20c "Potential deadlock between XPCJSRuntime::mMapLockMonitor@da9290 and nsComponentManagerImplMonitor@ced098", char * aExpr = 0x0035057c "Error", char * aFile = 0x00350518 "c:/home/mozilla.org/comm-central/dbg-thunderbird-i686-pc-mingw32/mozilla/xpcom/build/nsAutoLock.cpp", int aLine = 318)+0x2a4
xpcom_core!nsAutoLockBase::nsAutoLockBase(void * addr = 0x00ced098, nsAutoLockBase::nsAutoLockType type = eAutoMonitor (1))+0x138
xpcom_core!nsAutoMonitor::nsAutoMonitor(struct PRMonitor * mon = 0x00ced098)+0x15
xpcom_core!nsComponentManagerImpl::GetServiceByContractID
xpcom_core!CallGetService(char * aContractID = 0x02e0adf4 "@mozilla.org/observer-service;1", struct nsID * aIID = 0x02c7c5e0, void ** aResult = 0x0012f370)+0x4d
xpcom_core!nsGetServiceByContractID::operator()
gklayout!nsCOMPtr<nsIObserverService>::assign_from_gs_contractid
gklayout!nsCOMPtr<nsIObserverService>::nsCOMPtr<nsIObserverService>
gklayout!nsGlobalWindow::~nsGlobalWindow
gklayout!nsGlobalChromeWindow::~nsGlobalChromeWindow
gklayout!nsGlobalChromeWindow::`scalar deleting destructor'
gklayout!nsGlobalWindow::Release
gklayout!nsGlobalChromeWindow::Release
xpc3250!nsCOMPtr<nsIScriptObjectPrincipal>::~nsCOMPtr<nsIScriptObjectPrincipal>
xpc3250!XPCWrappedNativeScope::~XPCWrappedNativeScope
xpc3250!XPCWrappedNativeScope::`scalar deleting destructor'
xpc3250!XPCWrappedNativeScope::KillDyingScopes
// FIXME The lock may not be necessary since we are inside
// JSGC_FINALIZE_END callback and at this point GC still serializes access
// to JS runtime. See bug 380139.
XPCAutoLock lock(rt->GetMapLock());
KillDyingScopes();
xpc3250!XPCWrappedNativeScope::FinishedFinalizationPhaseOfGC
xpc3250!XPCJSRuntime::GCCallback
gklayout!DOMGCCallback(struct JSContext * cx = 0x01e4cb70, JSGCStatus status = JSGC_FINALIZE_END (3))+0x1d
js3250!js_GC
js3250!js_DestroyContext
js3250!JS_DestroyContext(struct JSContext * cx = 0x01e4cb70)+0xe
xpc3250!nsXPConnect::ReleaseJSContext
gklayout!nsJSContext::Unlink
gklayout!nsJSContext::~nsJSContext
gklayout!nsJSContext::`scalar deleting destructor'
gklayout!nsJSContext::Release
xpcom_core!nsCOMPtr<nsITimerCallback>::assign_assuming_AddRef
xpcom_core!nsCOMPtr<nsITimerCallback>::assign_with_AddRef
xpcom_core!nsCOMPtr<nsITimerCallback>::operator=
xpcom_core!nsTimerImpl::Fire
xpcom_core!nsTimerEvent::Run
xpcom_core!nsThread::ProcessNextEvent
xpcom_core!NS_ProcessNextEvent_P
gkwidget!nsBaseAppShell::Run
tkitcmps!nsAppStartup::Run
xul!XRE_main
Attachment #355021 -
Flags: review?(jst)
|
||
Comment 1•16 years ago
|
||
Comment on attachment 355021 [details] [diff] [review]
don't use getservice from the destructor
Peter, we wouldn't need to do anything with the cycle collector here to avoid leaking would we?
Attachment #355021 -
Flags: superreview?(peterv)
Attachment #355021 -
Flags: review?(jst)
Attachment #355021 -
Flags: review+
|
||
Comment 2•16 years ago
|
||
Comment on attachment 355021 [details] [diff] [review]
don't use getservice from the destructor
Observer service doesn't participate in cycle collection, so this should be ok.
Attachment #355021 -
Flags: superreview?(peterv) → superreview+
|
|
||
Updated•16 years ago
|
Keywords: checkin-needed
|
||
Updated•16 years ago
|
Attachment #355021 -
Attachment is obsolete: true
Comment on attachment 355021 [details] [diff] [review]
don't use getservice from the destructor
This causes shutdown assertions:
###!!! ASSERTION: Using observer service after XPCOM shutdown!: 'Error', file /Users/bent/src/mozilla/domthreads/xpcom/ds/nsObserverService.cpp, line 145
#0 NS_DebugBreak_P (aSeverity=1, aStr=0x572428 "Using observer service after XPCOM shutdown!", aExpr=0x56fc6c "Error", aFile=0x572310 "/Users/bent/src/mozilla/domthreads/xpcom/ds/nsObserverService.cpp", aLine=145) at /Users/bent/src/mozilla/domthreads/xpcom/base/nsDebugImpl.cpp:265
#1 0x004c5f11 in nsObserverService::RemoveObserver (this=0x822250, anObserver=0x16970430, aTopic=0x12185094 "network:offline-status-changed") at /Users/bent/src/mozilla/domthreads/xpcom/ds/nsObserverService.cpp:145
#2 0x11dd4425 in nsGlobalWindow::~nsGlobalWindow (this=0x16970270) at /Users/bent/src/mozilla/domthreads/dom/src/base/nsGlobalWindow.cpp:731
#3 0x11df25cb in nsGlobalChromeWindow::~nsGlobalChromeWindow (this=0x16970270) at nsGlobalWindow.h:753
#4 0x11dc5e2e in nsGlobalWindow::Release (this=0x16970270) at /Users/bent/src/mozilla/domthreads/dom/src/base/nsGlobalWindow.cpp:999
#5 0x11dc7d62 in nsGlobalChromeWindow::Release (this=0x16970270) at /Users/bent/src/mozilla/domthreads/dom/src/base/nsGlobalWindow.cpp:8469
#6 0x004ae97a in nsXPCOMCycleCollectionParticipant::Unroot (this=0x12252bd8, p=0x169702a0) at nsCycleCollectionParticipant.cpp:74
#7 0x0053d0fd in nsCycleCollector::CollectWhite (this=0xa30000) at /Users/bent/src/mozilla/domthreads/xpcom/base/nsCycleCollector.cpp:1682
#8 0x0053d15f in nsCycleCollector::FinishCollection (this=0xa30000) at /Users/bent/src/mozilla/domthreads/xpcom/base/nsCycleCollector.cpp:2440
#9 0x0053d1dd in nsCycleCollector_finishCollection () at /Users/bent/src/mozilla/domthreads/xpcom/base/nsCycleCollector.cpp:2922
#10 0x00b1cd72 in XPCCycleCollectGCCallback (cx=0x1045200, status=JSGC_END) at /Users/bent/src/mozilla/domthreads/js/src/xpconnect/src/nsXPConnect.cpp:404
#11 0x002ad097 in js_GC (cx=0x1045200, gckind=GC_NORMAL) at /Users/bent/src/mozilla/domthreads/js/src/jsgc.cpp:3848
#12 0x0025e053 in JS_GC (cx=0x1045200) at /Users/bent/src/mozilla/domthreads/js/src/jsapi.cpp:2493
#13 0x00b18d8f in nsXPConnect::Collect (this=0x82f380) at /Users/bent/src/mozilla/domthreads/js/src/xpconnect/src/nsXPConnect.cpp:478
#14 0x0053d705 in nsCycleCollector::Collect (this=0xa30000, aTryCollections=5) at /Users/bent/src/mozilla/domthreads/xpcom/base/nsCycleCollector.cpp:2256
#15 0x0053d823 in nsCycleCollector::Shutdown (this=0xa30000) at /Users/bent/src/mozilla/domthreads/xpcom/base/nsCycleCollector.cpp:2477
#16 0x0053d859 in nsCycleCollector_shutdown () at /Users/bent/src/mozilla/domthreads/xpcom/base/nsCycleCollector.cpp:2938
#17 0x004b7cf8 in NS_ShutdownXPCOM_P (servMgr=0x0) at /Users/bent/src/mozilla/domthreads/xpcom/build/nsXPComInit.cpp:815
#18 0x000da201 in ScopedXPCOMStartup::~ScopedXPCOMStartup (this=0xbffff3ec) at /Users/bent/src/mozilla/domthreads/toolkit/xre/nsAppRunner.cpp:888
#19 0x000e1c1d in XRE_main (argc=3, argv=0xbffff6ec, aAppData=0x80e210) at /Users/bent/src/mozilla/domthreads/toolkit/xre/nsAppRunner.cpp:3257
#20 0x000027cb in main (argc=3, argv=0xbffff6ec) at /Users/bent/src/mozilla/domthreads/browser/app/nsBrowserApp.cpp:156
|
|
||
Updated•16 years ago
|
Keywords: checkin-needed
FWIW I think we can fix this by registering windows as weak-ref observers and then observe an additional topic ('xpcom-shutdown' most likely) to flag that we should *not* try to get the observer service in NotifyDOMWindowDestroyed.
|
||
Comment 5•6 years ago
|
||
https://bugzilla.mozilla.org/show_bug.cgi?id=1472046
Move all DOM bugs that haven't been updated in more than 3 years and has no one currently assigned to P5.
If you have questions, please contact :mdaly.
Priority: -- → P5
|
Assignee | |
Updated•6 years ago
|
Component: DOM → DOM: Core & HTML
|
||
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•