Closed
Bug 820196
Opened 12 years ago
Closed 12 years ago
CSP slows down app startup by ~12%
Categories
(Firefox OS Graveyard :: General, defect, P4)
Tracking
(blocking-basecamp:-, firefox19 fixed, firefox20 fixed, b2g18+ fixed)
RESOLVED
FIXED
blocking-basecamp | - |
People
(Reporter: zbraniecki, Assigned: geekboy)
References
Details
(Keywords: perf)
Attachments
(2 files, 2 obsolete files)
(deleted),
patch
|
geekboy
:
review+
sicking
:
approval-mozilla-aurora+
sicking
:
approval-mozilla-b2g18+
|
Details | Diff | Splinter Review |
(deleted),
patch
|
fabrice
:
review+
|
Details | Diff | Splinter Review |
It seems that just turning off security.csp.enable has a major performance impact on app startup times. Settings app: | with CSP | without CSP | % ------------------------------------------------------- firstPaint | 1299 (29) | 1167 (24) | +10.2% DOMContentLoaded | 1051 (16) | 919 (35) | +12.6% window.load | 1154 (26) | 1042 (38) | +9.8% SMS app: | with CSP | without CSP | % ------------------------------------------------------- firstPaint | 1393 (28) | 1155 (6) | +17.1% DOMContentLoaded | 871 (8) | 714 (4) | +18.1% window.load | 1429 (36) | 1184 (4) | +17.2% Homescreen app: | with CSP | without CSP | % ---------------------------------------------------- firstPaint | 3945 (472) | 3673 (218) | +6.9% The numbers are AVG of 5 cold reboots, the numers in () are STDEV.
Comment 2•12 years ago
|
||
This was showing up in the profiles from time to time: if you look at bug 797194 and bug 817052 you can see that it's taking an appreciable amount of time in those applications.
Comment 3•12 years ago
|
||
Triage: This sounds like a perf bug that could be worth taking a look at if the 12% number is correct and this effects all pre-installed apps.
Keywords: perf
Priority: -- → P3
Updated•12 years ago
|
blocking-basecamp: ? → +
Updated•12 years ago
|
blocking-basecamp: + → ?
Comment 5•12 years ago
|
||
I have done some timings and we spend between 150ms and 300ms in shouldLoad() depending on which app we run. I have a patch to gain around 50ms to 100ms, but we have a somewhat fixed cost proportional to the number of resources loaded, that can be quite high.
Assignee | ||
Comment 6•12 years ago
|
||
fabrice: what does your patch do? We might be able to short-cut a lot of the calls to shouldLoad() for things that don't need to be subject to the policy. We *might* also be able to remove a layer of xpcom-ification in shouldLoad().
Assignee | ||
Comment 7•12 years ago
|
||
Fabrice: here are some potential optimizations, though I'm not sure how much they'll help since I have no idea what percent of app-related calls to shouldLoad are due to chrome, resource, or other non-CSP-subject loads.
Attachment #691411 -
Flags: feedback?(fabrice)
Comment 8•12 years ago
|
||
The main gain here comes from adding a cache of already seen resources, and also removing whatever is in the hot path (even building debug strings can be painful as we discovered with the contacts API). remove a layer of xpcom-ification in shouldLoad() looks likes a great idea, but is this doable without a c++ rewrite?
Attachment #691419 -
Flags: feedback?(sstamm)
Assignee | ||
Comment 9•12 years ago
|
||
Comment on attachment 691419 [details] [diff] [review] patch Review of attachment 691419 [details] [diff] [review]: ----------------------------------------------------------------- Hm, interesting. The caching looks reasonable since there's one cache per document (app), so that should not bloat memory too too much. I assume the cache gains come from images that are reused frequently in an app. And really, unused strings slow things down? That's unfortunate. The debug strings you commented out are noncritical, though in desktop if you flip the csp.debug pref on, it is helpful to know what CSP is processing. Is there a way we can get the gain for b2g without removing those debug strings from desktop?
Attachment #691419 -
Flags: feedback?(sstamm)
Comment 10•12 years ago
|
||
We discussed this during triage today and while we don't think we can treat it as a blocker, we'd love to see it fixed (hence soft blocker P4/bb-). Sid, it seems you're working on this so I've assigned it to you. Feel free to re-assign if that's incorrect.
Assignee: nobody → sstamm
blocking-basecamp: ? → -
Priority: P3 → P4
Assignee | ||
Comment 11•12 years ago
|
||
I'm not sure how to check if these patches help... Fabrice, can you check the timings with these patches, or who can help out here?
Assignee: sstamm → nobody
Reporter | ||
Comment 12•12 years ago
|
||
I can check. Do you want me to check the timings of those two combined, or one by one?
Assignee | ||
Comment 13•12 years ago
|
||
Individually, if it's not too much work. I'd like to know what's causing the slow-down (and whether it's repeated resource loads or unnecessary checks).
Reporter | ||
Comment 14•12 years ago
|
||
With boot animation turned off. Email app: | with CSP | without CSP | diff ------------------------------------------------------- firstPaint | 4923 (54) | 4770 (51) | -153ms DOMContentLoaded | 4590 (52) | 4452 (56) | -138ms window.load | 4688 (51) | 4542 (56) | -146ms Email app: | with CSP | sid's patch | diff ------------------------------------------------------- firstPaint | 4923 (54) | 4919 (89) | -4ms DOMContentLoaded | 4590 (52) | 4575 (68) | -15ms window.load | 4688 (51) | 4670 (69) | -18ms Email app: | with CSP | fabrice's patch | diff ----------------------------------------------------------- firstPaint | 4923 (54) | 4842 (31) | -81ms DOMContentLoaded | 4590 (52) | 4518 (26) | -72ms window.load | 4688 (51) | 4610 (26) | -78ms So it seems that Fabrice's patch does cut the CSP penalty by half. Sid's doesn't seem to have any major impact here. Sid: Your patch goes fast path for certain resource types but does it help with resources that are loaded via app:// ? All the resources within the app are loaded from within this app's zip file. Overall, I'm not sure why do we need CSP here, since as far as I understand CSP we will load all local resources for the app, always, but could we do something to fastpath all JS/CSS/IMG that are coming from this app's local zip, plus shared?
Assignee | ||
Comment 15•12 years ago
|
||
My patch indeed does not help with any app:// resources. I expected it to be barely helpful, but it probably doesn't hurt to make those changes with the caching -- which appears to be helpful. I'm not sure we can fastpath same-origin (app-local) resources since the app may have specified a strict CSP in its manifest that forbids one content type or another. Regarding turning off CSP for apps: I'll comment in bug 821169.
Comment 16•12 years ago
|
||
Sid, I merged our 2 patches and used a #ifdef to let the debug info be there on non-b2g products. I think we should go on with this simple patch for now and file another one for you to look at a bigger rewrite.
Assignee: nobody → fabrice
Attachment #691411 -
Attachment is obsolete: true
Attachment #691419 -
Attachment is obsolete: true
Attachment #691411 -
Flags: feedback?(fabrice)
Attachment #691967 -
Flags: review?(sstamm)
Updated•12 years ago
|
Blocks: Camera-Startup
Updated•12 years ago
|
Blocks: Settings-Startup
Comment 17•12 years ago
|
||
Andrew I know you discussed that in triage and you decide to not make it a blocker. Solving this will be a big win for Gaia and all apps in general (since all privileged applications would also suffer this). So I'm blocking-basecamp? it again. If it does not block, can you explain the rationale here?
blocking-basecamp: - → ?
Comment 18•12 years ago
|
||
(In reply to Vivien Nicolas (:vingtetun) from comment #17) > Andrew I know you discussed that in triage and you decide to not make it a > blocker. Solving this will be a big win for Gaia and all apps in general > (since all privileged applications would also suffer this). So I'm > blocking-basecamp? it again. If it does not block, can you explain the > rationale here? The rationale the other day was that we should ship 1.0 with this behaviour even though it sucks. We'll discuss it again today with your comments in mind. Thanks for providing them.
Assignee | ||
Comment 19•12 years ago
|
||
Comment on attachment 691967 [details] [diff] [review] patch Review of attachment 691967 [details] [diff] [review]: ----------------------------------------------------------------- Looks good to me.
Attachment #691967 -
Flags: review?(sstamm) → review+
Not blocking here, but we'll approve the uplift. Sid: Please do spend more time on this. While we wouldn't stop ship if this bug isn't fixed, making CSP faster will help B2G a lot. If you do have other blocking B2G bugs assigned to you, then definitely prioritize those first, but otherwise help here is greatly appreciated.
blocking-basecamp: ? → -
Comment on attachment 691967 [details] [diff] [review] patch [Triage Comment]
Attachment #691967 -
Flags: approval-mozilla-b2g18+
Attachment #691967 -
Flags: approval-mozilla-aurora+
Assignee | ||
Comment 22•12 years ago
|
||
(In reply to Jonas Sicking (:sicking) from comment #20) > Sid: Please do spend more time on this. I will keep working on this, but I'm not sure there's much at all that we can do for significant performance gains short of rewriting the whole thing without JS and without XPCOM. More detailed profiling would be helpful to track down exactly which calls and stacks cause the slowness -- though good profiling is a skill I do not possess. Regardless, I have a hunch the overhead is just ContentPolicy calls through XPCOM that are added to each load, and the solution for that is to as much xpcomification as we can (and compile the rest).
Comment 24•12 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/30de61bc8321
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Comment 25•12 years ago
|
||
https://hg.mozilla.org/releases/mozilla-aurora/rev/083ea967f797 https://hg.mozilla.org/releases/mozilla-b2g18/rev/7d2b58f8bd7a
Comment 26•12 years ago
|
||
Backed out for build bustage. Please provide a branch-specific patch or get landing approval for whatever this depends on. https://hg.mozilla.org/releases/mozilla-aurora/rev/3daa224d6117 https://hg.mozilla.org/releases/mozilla-b2g18/rev/48feb431c200 e:/builds/moz2_slave/m-aurora-w32-dbg/build/content/base/src/nsCSPService.cpp(101) : error C2039: 'TYPE_CSP_REPORT' : is not a member of 'nsIContentPolicy' e:/builds/moz2_slave/m-aurora-w32-dbg/build/content/base/src/nsCSPService.cpp(101) : error C2065: 'TYPE_CSP_REPORT' : undeclared identifier
Comment 27•12 years ago
|
||
Hm, it looks like we need to uplift Bug 802905. Sid, does that sounds reasonable to you?
Updated•12 years ago
|
Flags: needinfo?(sstamm)
Assignee | ||
Comment 28•12 years ago
|
||
Fabrice: depends on how much risk you want to take. It would be safer to just make another version of the patch that doesn't reference the CSP_REPORT load type and uplift that (instead of the patch for central).
Flags: needinfo?(sstamm)
Assignee | ||
Comment 29•12 years ago
|
||
I'll fix this patch for aurora and b2g18.
Assignee: fabrice → sstamm
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Assignee | ||
Comment 30•12 years ago
|
||
This patch applies cleanly to mozilla-aurora and mozilla-b2g18. It is the same as the patch that landed before, but does not reference the content type CSP_REPORT. Builds on linux64 and gecko CSP mochitests pass. I haven't verified everything else works, but the logic changes from what previously landed is just one line.
Attachment #694920 -
Flags: review?(fabrice)
Updated•12 years ago
|
Attachment #694920 -
Flags: review?(fabrice) → review+
Updated•12 years ago
|
tracking-b2g18:
--- → +
Assignee | ||
Comment 31•12 years ago
|
||
https://hg.mozilla.org/releases/mozilla-aurora/rev/60cca0a957d8 https://hg.mozilla.org/releases/mozilla-b2g18/rev/fd510850baba
Status: REOPENED → RESOLVED
Closed: 12 years ago → 12 years ago
Resolution: --- → FIXED
Updated•12 years ago
|
Whiteboard: [perf_tsk]
Updated•12 years ago
|
Whiteboard: [perf_tsk] → [FFOS_perf]
Updated•12 years ago
|
Whiteboard: [FFOS_perf]
You need to log in
before you can comment on or make changes to this bug.
Description
•