Open Bug 1243998 Opened 8 years ago Updated 2 years ago

Leak with accessibility, document.fonts, and geolocation prompt in background

Categories

(Core :: DOM: Geolocation, defect, P5)

Product:
Core
Component:
DOM: Geolocation
Type:
defect

Tracking

()

Tracking Flags:
Tracking Status
firefox47 --- affected

People

(Reporter: jruderman, Unassigned)

Details

(Keywords: memory-leak, regressionwindow-wanted, testcase, Whiteboard: [MemShrink:P2] dom-triaged)

Attachments

(1 file)

testcase
297 bytes, text/html
Details
Attached file testcase 
https://github.com/MozillaSecurity/funfuzz/

funfuzz/dom/automation/domInteresting.py --background build m.html

Leaks nsDocument, nsGlobalWindow, etc.

(I'm guessing it has to be in the background to suppress the geolocation prompt and make it remain a pending request until shutdown?)
The behavior of geolocation in the background changed recently in bug 1216148, so perhaps that is related.
I also landed bug 1238427 on 1/22, which is more recent.
Can you run the test case and see which patch (if either) introduced this?
Flags: needinfo?(ywu)
Keywords: regressionwindow-wanted
Hey Jesse Ruderman, 
before I start to test, I want to make sure that I don't misunderstand your point.

What you mean is that if a page starts in the background, gps is still working?
But you expect that this page shouldn't get updated?
  
Thanks!
Flags: needinfo?(jruderman)
(In reply to Ya-Chieh Wu from comment #4)
> Hey Jesse Ruderman, 
> before I start to test, I want to make sure that I don't misunderstand your
> point.
> 
> What you mean is that if a page starts in the background, gps is still
> working?
> But you expect that this page shouldn't get updated?
>   
> Thanks!

I think he means when a page starts and ends in the background, the pending request is leaked along with the document and window. Likely it's introduced by bug 1216148 because we stop the timer when page is in background. I think we should cleanup the requests when the window goes away instead of relying on the timeout timer.
Flags: needinfo?(jruderman)
Hey Jesse,

I tried to reproduce the leak you mentioned but I passed with no leaks at all.
the message that funfuzz show: detect_leaks: PASS with no leaks at all 

I used your m.html and run with "funfuzz/dom/automation/domInteresting.py --background build m.html" 
I tried to click the share location button and not to share. Both cases close with no leaks.


Could you tell me what exactly your steps so I can try to reproduce.
many thanks!
Flags: needinfo?(ywu) → needinfo?(jruderman)
Whiteboard: [MemShrink] → [MemShrink] dom-noted
Whiteboard: [MemShrink] dom-noted → [MemShrink] dom-triaged
Whiteboard: [MemShrink] dom-triaged → [MemShrink:P2] dom-triaged
I can still reproduce on trunk, as long as I leave the window unfocused. (When running with domInteresting.py, the testcase will instruct the browser to quit after a few seconds, so you shouldn't ever need to focus it.)

I wouldn't be surprised if this is Mac-specific.
Flags: needinfo?(jruderman)
Hi Andrew,

Could you take a look at this? I think bug 1238427 could be related.
Flags: needinfo?(continuation)
Sure.
Assignee: nobody → continuation
Flags: needinfo?(continuation)
I can reproduce on OSX.

The leaking nsGlobalWindow for the test case is being held alive via two missing references to the nsDocument for the test case. It isn't obvious to me how geo stuff can hold alive a document.
This does not seem to be a regression from bug 1240906.
Component: DOM → Geolocation
This does not appear to be a regression from either bug 1238427 or bug 1216148. At least, I was able to back both of those out and the leak still occurred.
I don't think I'm going to have a chance to work on this soon. It doesn't seem like it was a regression from any recent work.
Assignee: continuation → nobody
Priority: -- → P5
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: