Closed
Bug 631536
Opened 14 years ago
Closed 13 years ago
Constantly raising private bytes with setInterval("document.location.hash", 5);
Categories
(Core :: XPCOM, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 654399
Tracking | Status | |
---|---|---|
blocking2.0 | --- | .x+ |
People
(Reporter: mayhemer, Assigned: mayhemer)
References
()
Details
(Keywords: memory-leak, Whiteboard: [softblocker][MemShrink:P2])
Attachments
(1 file)
(deleted),
text/html
|
Details |
See URL. On one machine I can see ~500-1000KB allocated (and not released) each seconds when this page is just open in a new tab. On another I can see ~100KB allocated each second. In few minutes this eats memory up on a machines w/ fewer RAM.
Seems reproducible just on Windows (confirmed 7 and XP).
On OSX there is a constant slight CPU load seen when the page is open.
Comment 1•14 years ago
|
||
Can you either reduce the testcase (on Windows), or get some allocation stacks? Does it happen if you turn off hardware acceleration?
Assignee | ||
Comment 2•14 years ago
|
||
(In reply to comment #1)
> Can you either reduce the testcase (on Windows)
Copying the whole page (Save as...) to my local server makes the case unreproducible.
> or get some allocation stacks?
How can I do that? Put a breakpoint to some moz_alloc function?
> Does it happen if you turn off hardware acceleration?
Turning off HW accel doesn't affect it.
Comment 3•14 years ago
|
||
Well, if this were not Windows I'd tell you to run massif....
Do we know a decent allocation profiler on windows?
Another option, if the VS debugger can do it, is to breakpoint in malloc and have it just log the stack and continue... then look at the resulting data.
Doing a no-jemalloc build and using xperf's heap profiling might work; see https://developer.mozilla.org/En/Profiling_with_Xperf#Heap_Profiling
Assignee | ||
Comment 5•14 years ago
|
||
Looks like a string leak with following callstack, allocating 1018 bytes with moz_malloc:
mozalloc.dll!moz_malloc(unsigned int size=1018) Line 108
xul.dll!nsStringBuffer::Alloc(unsigned int size=1010) Line 209 + 0xd bytes
xul.dll!nsAString_internal::MutatePrep(unsigned int capacity=504, wchar_t * * oldData=0x002dc764, unsigned int * oldFlags=0x002dc760) Line 162 + 0x9 bytes
xul.dll!nsAString_internal::ReplacePrepInternal(unsigned int cutStart=1, unsigned int cutLen=0, unsigned int fragLen=501, unsigned int newLen=502) Line 198 + 0x13 bytes
xul.dll!nsAString_internal::ReplacePrep(unsigned int cutStart=1, unsigned int cutLength=0, unsigned int newLength=501) Line 685
xul.dll!nsAString_internal::Replace(unsigned int cutStart=1, unsigned int cutLength=0, const wchar_t * data=0x11160768, unsigned int length=501) Line 487 + 0x1a bytes
xul.dll!nsAString_internal::Replace(unsigned int cutStart=1, unsigned int cutLength=0, const nsAString_internal & str={...}) Line 378 + 0x28 bytes
xul.dll!nsAString_internal::Append(const nsAString_internal & str={...}) Line 385 + 0x1c bytes
xul.dll!nsLocation::GetHash(nsAString_internal & aHash={...}) Line 408
xul.dll!NS_InvokeByIndex_P(nsISupports * that=0x10f68ef8, unsigned int methodIndex=3, unsigned int paramCount=1, nsXPTCVariant * params=0x002dca98) Line 103
xul.dll!CallMethodHelper::Invoke() Line 3099 + 0x1c bytes
xul.dll!CallMethodHelper::Call() Line 2363 + 0x8 bytes
xul.dll!XPCWrappedNative::CallMethod(XPCCallContext & ccx={...}, XPCWrappedNative::CallMode mode=CALL_GETTER) Line 2327 + 0x16 bytes
xul.dll!XPCWrappedNative::GetAttribute(XPCCallContext & ccx={...}) Line 2651 + 0xe bytes
> xul.dll!XPC_WN_GetterSetter(JSContext * cx=0x1041ebd8, unsigned int argc=0, jsval_layout * vp=0x067400e8) Line 1643 + 0xc bytes
mozjs.dll!js::CallJSNative(JSContext * cx=0x1041ebd8, int (JSContext *, unsigned int, js::Value *)* native=0x64d10fd0, unsigned int argc=0, js::Value * vp=0x067400e8) Line 697 + 0xf bytes
mozjs.dll!js::Invoke(JSContext * cx=0x1041ebd8, const js::CallArgs & argsRef={...}, unsigned int flags=0) Line 683 + 0x22 bytes
mozjs.dll!js::ExternalInvoke(JSContext * cx=0x1041ebd8, const js::Value & thisv={...}, const js::Value & fval={...}, unsigned int argc=0, js::Value * argv=0x00000000, js::Value * rval=0x002dcf44) Line 841 + 0xf bytes
mozjs.dll!js::ExternalGetOrSet(JSContext * cx=0x1041ebd8, JSObject * obj=0x0db27f30, jsid id={...}, const js::Value & fval={...}, JSAccessMode mode=JSACC_READ, unsigned int argc=0, js::Value * argv=0x00000000, js::Value * rval=0x002dcf44) Line 881 + 0x2a bytes
mozjs.dll!js::JSProxyHandler::get(JSContext * cx=0x1041ebd8, JSObject * proxy=0x0db27f30, JSObject * receiver=0x0db27f30, jsid id={...}, js::Value * vp=0x002dcf44) Line 131 + 0x2c bytes
xul.dll!xpc::XrayWrapper<JSWrapper>::get(JSContext * cx=0x1041ebd8, JSObject * wrapper=0x0db27f30, JSObject * receiver=0x0db27f30, jsid id={...}, js::Value * vp=0x002dcf44) Line 766
mozjs.dll!js::JSProxy::get(JSContext * cx=0x1041ebd8, JSObject * proxy=0x0db27f30, JSObject * receiver=0x0db27f30, jsid id={...}, js::Value * vp=0x002dcf44) Line 798 + 0x2c bytes
mozjs.dll!js::proxy_GetProperty(JSContext * cx=0x1041ebd8, JSObject * obj=0x0db27f30, JSObject * receiver=0x0db27f30, jsid id={...}, js::Value * vp=0x002dcf44) Line 915 + 0x19 bytes
mozjs.dll!JSObject::getProperty(JSContext * cx=0x1041ebd8, JSObject * receiver=0x0db27f30, jsid id={...}, js::Value * vp=0x002dcf44) Line 1198 + 0x2c bytes
mozjs.dll!JSObject::getProperty(JSContext * cx=0x1041ebd8, jsid id={...}, js::Value * vp=0x002dcf44) Line 1203
mozjs.dll!InlineGetProp(js::VMFrame & f={...}) Line 1910 + 0x63 bytes
mozjs.dll!js::mjit::stubs::GetProp(js::VMFrame & f={...}) Line 1922 + 0x8 bytes
mozjs.dll!DisabledGetPropIC(js::VMFrame & f={...}, js::mjit::ic::PICInfo * pic=0x110d9c68) Line 1625
1047b291()
mozjs.dll!js::mjit::EnterMethodJIT(JSContext * cx=0x1041ebd8, JSStackFrame * fp=0x06740030, void * code=0x059cbad0, js::Value * stackLimit=0x067cca60) Line 748 + 0x15 bytes
mozjs.dll!CheckStackAndEnterMethodJIT(JSContext * cx=0x1041ebd8, JSStackFrame * fp=0x06740030, void * code=0x059cbad0) Line 774 + 0x15 bytes
mozjs.dll!js::mjit::JaegerShot(JSContext * cx=0x1041ebd8) Line 791 + 0x19 bytes
mozjs.dll!js::RunScript(JSContext * cx=0x1041ebd8, JSScript * script=0x0fc37378, JSStackFrame * fp=0x06740030) Line 637 + 0x9 bytes
mozjs.dll!js::Execute(JSContext * cx=0x1041ebd8, JSObject * chain=0x0d6e5668, JSScript * script=0x0fc37378, JSStackFrame * prev=0x00000000, unsigned int flags=0, js::Value * result=0x00000000) Line 1006 + 0x16 bytes
mozjs.dll!EvaluateUCScriptForPrincipalsCommon(JSContext * cx=0x1041ebd8, JSObject * obj=0x0d6e5668, JSPrincipals * principals=0x10231604, const wchar_t * chars=0x0c2fff60, unsigned int length=28, const char * filename=0x10376110, unsigned int lineno=1, jsval_layout * rval=0x00000000, JSVersion compileVersion=JSVERSION_DEFAULT) Line 4934 + 0x22 bytes
mozjs.dll!JS_EvaluateUCScriptForPrincipalsVersion(JSContext * cx=0x1041ebd8, JSObject * obj=0x0d6e5668, JSPrincipals * principals=0x10231604, const wchar_t * chars=0x0c2fff60, unsigned int length=28, const char * filename=0x10376110, unsigned int lineno=1, jsval_layout * rval=0x00000000, JSVersion version=JSVERSION_DEFAULT) Line 4950 + 0x2e bytes
xul.dll!nsJSContext::EvaluateString(const nsAString_internal & aScript={...}, void * aScopeObject=0x0d6e5668, nsIPrincipal * aPrincipal=0x10231600, const char * aURL=0x10376110, unsigned int aLineNo=1, unsigned int aVersion=0, nsAString_internal * aRetValue=0x00000000, int * aIsUndefined=0x002dd33c) Line 1554 + 0x4c bytes
xul.dll!nsGlobalWindow::RunTimeout(nsTimeout * aTimeout=0x10376198) Line 9090 + 0xb6 bytes
xul.dll!nsGlobalWindow::TimerCallback(nsITimer * aTimer=0x10376220, void * aClosure=0x10376198) Line 9453
xul.dll!nsTimerImpl::Fire() Line 425 + 0xe bytes
xul.dll!nsTimerEvent::Run() Line 519
xul.dll!nsThread::ProcessNextEvent(int mayWait=1, int * result=0x002dd560) Line 633 + 0x19 bytes
xul.dll!NS_ProcessNextEvent_P(nsIThread * thread=0x00d44680, int mayWait=1) Line 250 + 0x16 bytes
xul.dll!mozilla::ipc::MessagePump::Run(base::MessagePump::Delegate * aDelegate=0x00d40e28) Line 134 + 0xe bytes
xul.dll!MessageLoop::RunInternal() Line 220
xul.dll!MessageLoop::RunHandler() Line 203
xul.dll!MessageLoop::Run() Line 177
xul.dll!nsBaseAppShell::Run() Line 198
xul.dll!nsAppShell::Run() Line 258 + 0x9 bytes
xul.dll!nsAppStartup::Run() Line 220 + 0x1c bytes
xul.dll!XRE_main(int argc=3, char * * argv=0x00d3c4a8, const nsXREAppData * aAppData=0x00d3cbc8) Line 3762 + 0x25 bytes
firefox.exe!NS_internal_main(int argc=3, char * * argv=0x00d3c4a8) Line 158 + 0x12 bytes
firefox.exe!wmain(int argc=3, wchar_t * * argv=0x00d30cf0) Line 128 + 0xd bytes
firefox.exe!__tmainCRTStartup() Line 583 + 0x19 bytes
firefox.exe!wmainCRTStartup() Line 403
JS stack (not really useful):
0 anonymous() ["http://w.sharethis.com/share4x/js/st.6b38bb153d12c6097f381edebf08d372.js":1]
tempFucn = undefined
tempFun = undefined
evStr = undefined
i = undefined
temp = undefined
cmd = undefined
args = undefined
hash = undefined
this = [object Object]
1 <TOP LEVEL> ["http://w.sharethis.com/share4x/js/st.6b38bb153d12c6097f381edebf08d372.js":1]
this = [object Window @ 0x102e5ff8 (native @ 0x1030dd88)]
Comment 6•14 years ago
|
||
Are we leaking (or failing to finalize) the JSString objects involved or something?
Assignee | ||
Comment 7•14 years ago
|
||
The buffer is not released by ::ReleaseData because mFlags gets modified by misplaced allocation. Stack trace:
> ntdll.dll!_RtlpValidateHeap@8() + 0x9 bytes
ntdll.dll!_RtlDebugAllocateHeap@12() + 0xab bytes
ntdll.dll!@RtlpAllocateHeap@24() + 0x57d27 bytes
ntdll.dll!_RtlAllocateHeap@12() + 0x502a bytes
msvcr90d.dll!_heap_alloc_base(unsigned int size=86) Line 105 + 0x28 bytes
msvcr90d.dll!_heap_alloc_dbg_impl(unsigned int nSize=50, int nBlockUse=1, const char * szFileName=0x00000000, int nLine=0, int * errno_tmp=0x0018cacc) Line 427 + 0x9 bytes
msvcr90d.dll!_nh_malloc_dbg_impl(unsigned int nSize=50, int nhFlag=0, int nBlockUse=1, const char * szFileName=0x00000000, int nLine=0, int * errno_tmp=0x0018cacc) Line 239 + 0x19 bytes
msvcr90d.dll!_nh_malloc_dbg(unsigned int nSize=50, int nhFlag=0, int nBlockUse=1, const char * szFileName=0x00000000, int nLine=0) Line 296 + 0x1d bytes
msvcr90d.dll!malloc(unsigned int nSize=50) Line 56 + 0x15 bytes
mozalloc.dll!moz_malloc(unsigned int size=50) Line 108 + 0xa bytes
xul.dll!nsStringBuffer::Alloc(unsigned int size=42) Line 209 + 0xd bytes
xul.dll!nsAString_internal::MutatePrep(unsigned int capacity=20, wchar_t * * oldData=0x0018cb70, unsigned int * oldFlags=0x0018cb6c) Line 162 + 0x9 bytes
xul.dll!nsAString_internal::Assign(const nsSubstringTuple & tuple={...}) Line 415 + 0x13 bytes
xul.dll!nsAString_internal::nsAString_internal(const nsSubstringTuple & tuple={...}) Line 576
xul.dll!nsXBLPrototypeHandler::ExecuteHandler(nsPIDOMEventTarget * aTarget=0x080fcd30, nsIDOMEvent * aEvent=0x0c637650) Line 263 + 0x43 bytes
xul.dll!nsXBLEventHandler::HandleEvent(nsIDOMEvent * aEvent=0x0c637650) Line 90
xul.dll!nsEventListenerManager::HandleEventSubType(nsListenerStruct * aListenerStruct=0x08994dd8, nsIDOMEventListener * aListener=0x086a28e0, nsIDOMEvent * aDOMEvent=0x0c637650, nsPIDOMEventTarget * aCurrentTarget=0x080fcd30, unsigned int aPhaseFlags=2, nsCxPusher * aPusher=0x0018d008) Line 1127 + 0x12 bytes
xul.dll!nsEventListenerManager::HandleEventInternal(nsPresContext * aPresContext=0x00000000, nsEvent * aEvent=0x0e016d70, nsIDOMEvent * * aDOMEvent=0x0018cff8, nsPIDOMEventTarget * aCurrentTarget=0x080fcd30, unsigned int aFlags=2, nsEventStatus * aEventStatus=0x0018cffc, nsCxPusher * aPusher=0x0018d008) Line 1224 + 0x27 bytes
xul.dll!nsEventListenerManager::HandleEvent(nsPresContext * aPresContext=0x00000000, nsEvent * aEvent=0x0e016d70, nsIDOMEvent * * aDOMEvent=0x0018cff8, nsPIDOMEventTarget * aCurrentTarget=0x080fcd30, unsigned int aFlags=2, nsEventStatus * aEventStatus=0x0018cffc, nsCxPusher * aPusher=0x0018d008) Line 147
xul.dll!nsEventTargetChainItem::HandleEvent(nsEventChainPostVisitor & aVisitor={...}, unsigned int aFlags=2, int aMayHaveNewListenerManagers=0, nsCxPusher * aPusher=0x0018d008) Line 213
xul.dll!nsEventTargetChainItem::HandleEventTargetChain(nsEventChainPostVisitor & aVisitor={...}, unsigned int aFlags=6, nsDispatchingCallback * aCallback=0x00000000, int aMayHaveNewListenerManagers=0, nsCxPusher * aPusher=0x0018d008) Line 366
xul.dll!nsEventDispatcher::Dispatch(nsISupports * aTarget=0x092f7190, nsPresContext * aPresContext=0x00000000, nsEvent * aEvent=0x0e016d70, nsIDOMEvent * aDOMEvent=0x0c637650, nsEventStatus * aEventStatus=0x0018d158, nsDispatchingCallback * aCallback=0x00000000, nsCOMArray<nsPIDOMEventTarget> * aTargets=0x00000000) Line 628 + 0x1e bytes
xul.dll!nsEventDispatcher::DispatchDOMEvent(nsISupports * aTarget=0x092f7190, nsEvent * aEvent=0x00000000, nsIDOMEvent * aDOMEvent=0x0c637650, nsPresContext * aPresContext=0x00000000, nsEventStatus * aEventStatus=0x0018d158) Line 691 + 0x1d bytes
xul.dll!nsDOMEventTargetHelper::DispatchDOMEvent(nsEvent * aEvent=0x00000000, nsIDOMEvent * aDOMEvent=0x0c637650, nsPresContext * aPresContext=0x00000000, nsEventStatus * aEventStatus=0x0018d158) Line 229 + 0x19 bytes
xul.dll!nsContentUtils::DispatchChromeEvent(nsIDocument * aDoc=0x0c5da0f0, nsISupports * aTarget=0x0c5da0f0, const nsAString_internal & aEventName={...}, int aCanBubble=1, int aCancelable=1, int * aDefaultAction=0x00000000) Line 3438 + 0x1e bytes
xul.dll!nsDocument::DoNotifyPossibleTitleChange() Line 5293 + 0x2c bytes
xul.dll!nsRunnableMethodImpl<void (__thiscall nsDocument::*)(void),0>::Run() Line 346
xul.dll!nsThread::ProcessNextEvent(int mayWait=0, int * result=0x0018d2e8) Line 633 + 0x19 bytes
xul.dll!NS_ProcessNextEvent_P(nsIThread * thread=0x008d4610, int mayWait=0) Line 250 + 0x16 bytes
xul.dll!mozilla::ipc::MessagePump::Run(base::MessagePump::Delegate * aDelegate=0x008d1088) Line 110 + 0xe bytes
xul.dll!MessageLoop::RunInternal() Line 220
xul.dll!MessageLoop::RunHandler() Line 203
xul.dll!MessageLoop::Run() Line 177
xul.dll!nsBaseAppShell::Run() Line 198
xul.dll!nsAppShell::Run() Line 258 + 0x9 bytes
xul.dll!nsAppStartup::Run() Line 220 + 0x1c bytes
xul.dll!XRE_main(int argc=3, char * * argv=0x008cc4a8, const nsXREAppData * aAppData=0x008ccbc8) Line 3762 + 0x25 bytes
firefox.exe!NS_internal_main(int argc=3, char * * argv=0x008cc4a8) Line 158 + 0x12 bytes
firefox.exe!wmain(int argc=3, wchar_t * * argv=0x008c0cf0) Line 128 + 0xd bytes
firefox.exe!__tmainCRTStartup() Line 583 + 0x19 bytes
firefox.exe!wmainCRTStartup() Line 403
The string instance that calls nsAString_internal::MutatePrep here IS NOT the same instance as the one the flags are being overwritten.
Comment 8•14 years ago
|
||
This needs to block.
blocking2.0: --- → ?
Component: General → XPCOM
Product: Firefox → Core
QA Contact: general → xpcom
Assignee | ||
Comment 9•14 years ago
|
||
And one more note: the leaking nsAString instance is just a single one. We do not release correctly on reallocation, this is a cycle of calls on places that allocs/deallocs:
nsAString_internal::MutatePrep() - calls nsStringBuffer::Alloc
nsAString_internal::ReplacePrepInternal() - calls ::ReleaseData <= NOT RELEASING
nsAString_internal::Finalize(void) - calls ::ReleaseData
nsAString_internal::SetCapacity() - calls ::ReleaseData
nsAString_internal::ReplacePrepInternal() - calls ::ReleaseData
nsAString_internal::MutatePrep() - calls nsStringBuffer::Alloc
nsAString_internal::ReplacePrepInternal - calls ::ReleaseData <= NOT RELEASING
etc...
Comment 10•14 years ago
|
||
Blocking, and Cc:ing some more people who may have ideas on this string data leak. And assigning to Honza for now, as he's clearly able to reproduce. Honza, please speak up if you need help here.
Assignee: nobody → honzab.moz
blocking2.0: ? → final+
Whiteboard: [softblocker]
Assignee | ||
Comment 11•14 years ago
|
||
Assignee | ||
Comment 12•14 years ago
|
||
We call AddRef() on some buffers more then ones.
// New storage created, ref cnt == 1 initially, will be released in the string destructor
NEW: this=0x13c6f2d0 {mRefCount=1 mStorageSize=1010 }, mRefCount=1, xul.dll!nsStringBuffer::Alloc()
xul.dll!nsAString_internal::MutatePrep()
xul.dll!nsAString_internal::ReplacePrepInternal()
xul.dll!nsAString_internal::ReplacePrep()
xul.dll!nsAString_internal::Replace()
xul.dll!nsAString_internal::Replace()
xul.dll!nsAString_internal::Append()
xul.dll!nsLocation::GetHash()
xul.dll!NS_InvokeByIndex_P()
xul.dll!CallMethodHelper::Invoke()
xul.dll!CallMethodHelper::Call()
xul.dll!XPCWrappedNative::CallMethod()
xul.dll!XPCWrappedNative::GetAttribute()
xul.dll!XPC_WN_GetterSetter()
mozjs.dll!js::CallJSNative()
mozjs.dll!js::Invoke()
mozjs.dll!js::ExternalInvoke()
mozjs.dll!js::ExternalGetOrSet()
mozjs.dll!js::JSProxyHandler::get()
xul.dll!xpc::XrayWrapper<JSWrapper>::get()
mozjs.dll!js::JSProxy::get()
mozjs.dll!js::proxy_GetProperty()
mozjs.dll!JSObject::getProperty()
mozjs.dll!JSObject::getProperty()
mozjs.dll!InlineGetProp()
mozjs.dll!js::mjit::stubs::GetProp()
mozjs.dll!DisabledGetPropIC()
12c74be1()
mozjs.dll!js::mjit::EnterMethodJIT()
mozjs.dll!CheckStackAndEnterMethodJIT()
mozjs.dll!js::mjit::JaegerShot()
mozjs.dll!js::RunScript()
mozjs.dll!js::Execute()
mozjs.dll!EvaluateUCScriptForPrincipalsCommon()
mozjs.dll!JS_EvaluateUCScriptForPrincipalsVersion()
xul.dll!nsJSContext::EvaluateString()
xul.dll!nsGlobalWindow::RunTimeout()
xul.dll!nsGlobalWindow::TimerCallback()
xul.dll!nsTimerImpl::Fire()
xul.dll!nsTimerEvent::Run()
xul.dll!nsThread::ProcessNextEvent()
xul.dll!NS_ProcessNextEvent_P()
xul.dll!mozilla::ipc::MessagePump::Run()
xul.dll!MessageLoop::RunInternal()
xul.dll!MessageLoop::RunHandler()
xul.dll!MessageLoop::Run()
xul.dll!nsBaseAppShell::Run()
xul.dll!nsAppShell::Run()
xul.dll!nsAppStartup::Run()
xul.dll!XRE_main()
firefox.exe!NS_internal_main()
firefox.exe!wmain()
firefox.exe!__tmainCRTStartup()
firefox.exe!wmainCRTStartup()
kernel32.dll!75ac3677()
[Frames below may be incorrect and/or missing, no symbols loaded for kernel32.dll]
ntdll.dll!76f79d42()
ntdll.dll!76f79d15()
// JS adds a ref here, mRefCount is the number on entering the AddRef method, so it is 2 when it is left
ADD: this=0x13c6f2d0 {mRefCount=1 mStorageSize=1010 }, mRefCount=1, xul.dll!nsStringBuffer::AddRef()
xul.dll!XPCConvert::NativeData2JS()
xul.dll!XPCConvert::NativeData2JS()
xul.dll!CallMethodHelper::GatherAndConvertResults()
xul.dll!CallMethodHelper::Call()
xul.dll!XPCWrappedNative::CallMethod()
xul.dll!XPCWrappedNative::GetAttribute()
xul.dll!XPC_WN_GetterSetter()
mozjs.dll!js::CallJSNative()
mozjs.dll!js::Invoke()
mozjs.dll!js::ExternalInvoke()
mozjs.dll!js::ExternalGetOrSet()
mozjs.dll!js::JSProxyHandler::get()
xul.dll!xpc::XrayWrapper<JSWrapper>::get()
mozjs.dll!js::JSProxy::get()
mozjs.dll!js::proxy_GetProperty()
mozjs.dll!JSObject::getProperty()
mozjs.dll!JSObject::getProperty()
mozjs.dll!InlineGetProp()
mozjs.dll!js::mjit::stubs::GetProp()
mozjs.dll!DisabledGetPropIC()
12c74be1()
mozjs.dll!js::mjit::EnterMethodJIT()
mozjs.dll!CheckStackAndEnterMethodJIT()
mozjs.dll!js::mjit::JaegerShot()
mozjs.dll!js::RunScript()
mozjs.dll!js::Execute()
mozjs.dll!EvaluateUCScriptForPrincipalsCommon()
mozjs.dll!JS_EvaluateUCScriptForPrincipalsVersion()
xul.dll!nsJSContext::EvaluateString()
xul.dll!nsGlobalWindow::RunTimeout()
xul.dll!nsGlobalWindow::TimerCallback()
xul.dll!nsTimerImpl::Fire()
xul.dll!nsTimerEvent::Run()
xul.dll!nsThread::ProcessNextEvent()
xul.dll!NS_ProcessNextEvent_P()
xul.dll!mozilla::ipc::MessagePump::Run()
xul.dll!MessageLoop::RunInternal()
xul.dll!MessageLoop::RunHandler()
xul.dll!MessageLoop::Run()
xul.dll!nsBaseAppShell::Run()
xul.dll!nsAppShell::Run()
xul.dll!nsAppStartup::Run()
xul.dll!XRE_main()
firefox.exe!NS_internal_main()
firefox.exe!wmain()
firefox.exe!__tmainCRTStartup()
firefox.exe!wmainCRTStartup()
kernel32.dll!75ac3677()
[Frames below may be incorrect and/or missing, no symbols loaded for kernel32.dll]
ntdll.dll!76f79d42()
ntdll.dll!76f79d15()
// Destructor of the string releases its ref
REL: this=0x13c6f2d0 {mRefCount=2 mStorageSize=1010 }, mRefCount=2, xul.dll!nsStringBuffer::Release()
xul.dll!ReleaseData()
xul.dll!nsAString_internal::Finalize()
xul.dll!nsAString_internal::~nsAString_internal()
xul.dll!nsString::~nsString()
xul.dll!nsFixedString::~nsFixedString()
xul.dll!nsAutoString::~nsAutoString()
xul.dll!nsAutoString::`scalar deleting destructor'()
xul.dll!js::LazilyConstructed<nsAutoString>::~LazilyConstructed<nsAutoString>()
xul.dll!CallMethodHelper::~CallMethodHelper()
xul.dll!XPCWrappedNative::CallMethod()
xul.dll!XPCWrappedNative::GetAttribute()
xul.dll!XPC_WN_GetterSetter()
mozjs.dll!js::CallJSNative()
mozjs.dll!js::Invoke()
mozjs.dll!js::ExternalInvoke()
mozjs.dll!js::ExternalGetOrSet()
mozjs.dll!js::JSProxyHandler::get()
xul.dll!xpc::XrayWrapper<JSWrapper>::get()
mozjs.dll!js::JSProxy::get()
mozjs.dll!js::proxy_GetProperty()
mozjs.dll!JSObject::getProperty()
mozjs.dll!JSObject::getProperty()
mozjs.dll!InlineGetProp()
mozjs.dll!js::mjit::stubs::GetProp()
mozjs.dll!DisabledGetPropIC()
12c74be1()
mozjs.dll!js::mjit::EnterMethodJIT()
mozjs.dll!CheckStackAndEnterMethodJIT()
mozjs.dll!js::mjit::JaegerShot()
mozjs.dll!js::RunScript()
mozjs.dll!js::Execute()
mozjs.dll!EvaluateUCScriptForPrincipalsCommon()
mozjs.dll!JS_EvaluateUCScriptForPrincipalsVersion()
xul.dll!nsJSContext::EvaluateString()
xul.dll!nsGlobalWindow::RunTimeout()
xul.dll!nsGlobalWindow::TimerCallback()
xul.dll!nsTimerImpl::Fire()
xul.dll!nsTimerEvent::Run()
xul.dll!nsThread::ProcessNextEvent()
xul.dll!NS_ProcessNextEvent_P()
xul.dll!mozilla::ipc::MessagePump::Run()
xul.dll!MessageLoop::RunInternal()
xul.dll!MessageLoop::RunHandler()
xul.dll!MessageLoop::Run()
xul.dll!nsBaseAppShell::Run()
xul.dll!nsAppShell::Run()
xul.dll!nsAppStartup::Run()
xul.dll!XRE_main()
firefox.exe!NS_internal_main()
firefox.exe!wmain()
firefox.exe!__tmainCRTStartup()
firefox.exe!wmainCRTStartup()
kernel32.dll!75ac3677()
[Frames below may be incorrect and/or missing, no symbols loaded for kernel32.dll]
ntdll.dll!76f79d42()
ntdll.dll!76f79d15()
And the second addref by JS [1] is not released.
[1] http://mxr.mozilla.org/mozilla-central/source/js/src/xpconnect/src/xpcconvert.cpp#356
Assignee | ||
Comment 13•14 years ago
|
||
Yeah, and since now I have no idea how to continue. Someone take this please or let me know how to proceed.
Comment 14•14 years ago
|
||
This *could* be related to bug 614347.
Comment 15•14 years ago
|
||
> And the second addref by JS [1] is not released.
Like I said, are we failing to either collect of finalize JSStrings? The finalizer of that JSString should be calling Release.
Honza, can you see whether we ever enter js_FinalizeStringRT for the string created in XPCConvert::NativeData2JS? If so, do we enter FinalizeXPCOMUCString for the stringbuffer in question?
I'm assuming no to both of those...
Assignee | ||
Comment 16•14 years ago
|
||
(In reply to comment #14)
> This *could* be related to bug 614347.
That bug's patch doesn't help fixing this bug.
Assignee | ||
Comment 17•14 years ago
|
||
(In reply to comment #15)
> > And the second addref by JS [1] is not released.
>
> Like I said, are we failing to either collect of finalize JSStrings? The
> finalizer of that JSString should be calling Release.
>
> Honza, can you see whether we ever enter js_FinalizeStringRT for the string
> created in XPCConvert::NativeData2JS?
We don't.
> If so, do we enter FinalizeXPCOMUCString
> for the stringbuffer in question?
>
> I'm assuming no to both of those...
Neither.
Comment 18•14 years ago
|
||
Sounds like we're either not garbage-collecting those strings or not finalizing them properly.
Comment 19•14 years ago
|
||
Do we leak other stuff in this case, i.e. nsGlobalWindow's?
Assignee | ||
Comment 20•14 years ago
|
||
(In reply to comment #19)
> Do we leak other stuff in this case, i.e. nsGlobalWindow's?
No. When I open the page from a mochitest environment to have leak logs, I see no leaks in the final log.
Also, it behaves a bit different: I can see allocation of 256K about every 2 seconds, i.e. it's more jumpy. Normally (a pure debug build running) I can see allocation of about 50K every 0.5 seconds.
Honza, if you leave the page, and wait a little bit, is the memory recovered?
Assignee | ||
Comment 22•14 years ago
|
||
(In reply to comment #21)
> Honza, if you leave the page, and wait a little bit, is the memory recovered?
Looks like it is. I can see the missing Release() call on all allocated strings.
Comment 23•14 years ago
|
||
I assume in comment 2 you did "save as, complete"?
Assignee | ||
Comment 24•14 years ago
|
||
(In reply to comment #23)
> I assume in comment 2 you did "save as, complete"?
Yes, it is set default.
Comment 25•14 years ago
|
||
OK. So if the stack in comment 5 is representative, the JS around that callsite is:
this.checkFragment = function () {
var hash = document.location.hash.substring(1);
if (hash.length > 0 && hash !== this.oldQS) {
var args = hash.split("/");
this.oldQS = hash;
var cmd = args.shift();
cmd = "fragmentPump." + cmd;
var temp = "";
if (true == /page=send/gi.test(hash) || true == /page-=-send/gi.test(hash)) {
showLoadingBox()
}
for (var i = 0; i < args.length; i++) {
temp = temp + '"' + args[i] + '"';
if (i < (args.length - 1)) {
temp = temp + ","
}
}
var evStr = cmd + "(" + temp + ")";
if (cmd == "fragmentPump.init" || cmd == "fragmentPump.test" || cmd == "fragmentPump.data" || cmd == "fragmentPump.show" || cmd == "fragmentPump.popup" || cmd == "fragmentPump.widget" || cmd == "fragmentPump.light") {
var tempFun = eval("window." + cmd);
if (tempFun) {
var tempFucn = new Function(evStr);
tempFucn()
} else {}
}
}
};
I assume that we do run GC here every so often, right? Do we finalize those Function objects?
Comment 26•14 years ago
|
||
I can reproduce this in a clean profile (Current nightly on Win7x64 D3D9), just having that page open in a tab and looking at about:memory it grows constantly. Started from 35MB, opening the page it grew up to 65MB, then it started increasing up to 150MB, waiting a bit with the window idle brought back memory to about 100MB.
I only have about:memory and this page open on this clean profile.
Assignee | ||
Comment 27•14 years ago
|
||
Confirming comment 25. The string in question is the 'hash' local var.
Assignee | ||
Comment 28•14 years ago
|
||
Also to complete the source code, above the lines in comment 25 is exactly the following:
fragmentPump = new
function () {
this.fragTimer = "";
this.oldQS = "";
this.callBuffer = [];
this.initRun = false;
this.initialize = function () {
> this.fragTimer = setInterval("fragmentPump.checkFragment()", 5)
};
this.startint = function () {
setInterval(this.checkFragment.bind(this), 250)
};
checkFragment is called from the line marked with >, i.e. 200 times a second...
Comment 29•14 years ago
|
||
Well, 100 times a second because we clamp it to a 10ms timer for now.
But ok. Do we ever run GC in this case?
Assignee | ||
Comment 30•14 years ago
|
||
Comment 31•14 years ago
|
||
** PRODUCT DRIVERS PLEASE NOTE **
This bug is one of 7 automatically changed from blocking2.0:final+ to blocking2.0:.x during the endgame of Firefox 4 for the following reasons:
- it was marked as a soft blocking issue without a requirement for beta coverage
blocking2.0: final+ → .x+
Updated•14 years ago
|
Summary: Constantly raising private bytes allocation on a web page → Constantly raising private bytes with setInterval("document.location.hash", 5);
Comment 32•14 years ago
|
||
Is this a dupe of bug 654399?
Updated•14 years ago
|
Blocks: mlk-fx4-beta
Updated•14 years ago
|
Whiteboard: [softblocker] → [softblocker][MemShrink:P2]
Updated•13 years ago
|
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•