Closed Bug 1277630 Opened 8 years ago Closed 4 years ago

browser.xul window leaked through firefox@getpocket.com addon

Categories

(Firefox :: Pocket, defect)

Product:
Firefox
Component:
Pocket
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED INACTIVE

People

(Reporter: bkelly, Unassigned)

Details

(Whiteboard: [MemShrink:P2]) 

Recently in FF46.0.1 I noticed I had a leaked browser.xul window:

│   │   ├──3.28 MB (00.58%) -- top(none)/detached
│   │   │  ├──3.28 MB (00.58%) ++ window(chrome://browser/content/browser.xul)
│   │   │  └──0.00 MB (00.00%) ── window([system])/dom/other

Firefox was also using a ton of memory for canvas considering I had closed all my tabs and windows except for about:memory

        352.14 MB ── canvas-2d-pixels

I checked the CC logs and it seems to point at the pocket addon:

$ /c/devel/heapgraph/find_roots.py cc-edges.11808.1464889609.log 000001E685BF3000
Parsing cc-edges.11808.1464889609.log. Done loading graph.

000001E86FCCB060 [JS Object (Window)]
    --[UnwrapDOMObject(obj)]--> 000001E685BF3000 [nsGlobalWindow #1974 inner chrome://browser/conten
t/browser.xul]

    Root 000001E86FCCB060 is a marked GC object.


bkelly@kosh /c/devel/tmp/cclogs/canvas
$ /c/devel/heapgraph/find_roots.py gc-edges.11808.1464889609.log -bro 000001E86FCCB060
Parsing gc-edges.11808.1464889609.log. Done loading graph.

via PersistentRooted<JSObject*> :
000001E6B81A2C40 [BackstagePass 1e6b84c8a60]
    --[XPIProvider]--> 000001E6B83F2E40 [Object <no private>]
    --[bootstrapScopes]--> 000001E6B83F2E80 [Object <no private>]
    --[firefox@getpocket.com]--> 000001E85A728600 [Proxy <no private>]
    --[private]--> 000001E6B8746920 [Sandbox 1e6b895d6b8]
    --[sibling]--> 000001E6C500AB80 [Proxy <no private>]
    --[private]--> 000001E87312D520 [XULElement <no private>]
    --[shape]--> 000001E8702B9290 [shape]
    --[base]--> 000001E6D1E2A380 [base_shape]
    --[global]--> 000001E86FCCB060 [Window <no private>]

Which is then keeping at least one canvas alive:

$ /c/devel/heapgraph/find_roots.py gc-edges.11808.1464889609.log -bro 000001E87316F240
Parsing gc-edges.11808.1464889609.log. Done loading graph.

via PersistentRooted<JSObject*> :
000001E6B81A2C40 [BackstagePass 1e6b84c8a60]
    --[XPIProvider]--> 000001E6B83F2E40 [Object <no private>]
    --[bootstrapScopes]--> 000001E6B83F2E80 [Object <no private>]
    --[firefox@getpocket.com]--> 000001E85A728600 [Proxy <no private>]
    --[private]--> 000001E6B8746920 [Sandbox 1e6b895d6b8]
    --[sibling]--> 000001E6C500AB80 [Proxy <no private>]
    --[private]--> 000001E87312D520 [XULElement <no private>]
    --[shape]--> 000001E8702B9290 [shape]
    --[base]--> 000001E6D1E2A380 [base_shape]
    --[global]--> 000001E86FCCB060 [Window <no private>]
    --[protoAndIfaceCache[i], CanvasRenderingContext2D]--> 000001E87316F240 [Function <no private>]

This was in FF46.0.1 on win10 in non-e10s.
>         352.14 MB ── canvas-2d-pixels

This is likely just about:memory miscounting.  See bug 1241865 comment 8.
Whiteboard: [MemShrink] → [MemShrink:P2]
From the path in comment 0, there's some bootstrapScopes thing (I'm not sure what that is, as it does not appear in m-c AFAICT), which holds alive a sandbox, and that sandbox has a field "sibling" that is a XUL element from a window.

I see some pocket code like that:
http://searchfox.org/mozilla-central/source/browser/extensions/pocket/bootstrap.js#247

...but I wouldn't think it would just be held alive forever, as it looks like it has a limited scope. Maybe I'm wrong about how let works.

This bug has been closed due to inactivity and/or the potential for this bug to no longer be an issue with the new Discovery Stream-powered New Tab experience, and improvements to Pocket’s integration with Firefox.

Please help us triage by reopening if this issue still persists and should be addressed.

Thanks!

Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → INACTIVE
You need to log in before you can comment on or make changes to this bug.