Bug 1535403 - Take indirection into account for the CC optimizations for the outer window wrapper. r=peterv
authorAndrew McCreight <continuation@gmail.com>
Mon, 22 Apr 2019 16:34:51 +0000
changeset 470376 3073770e06f157040f4c64951b7e8425e1ad7bbe
parent 470375 1ee2dbf025098374e660fd92b1cee4f13c7b695e
child 470377 44928a7f57454b09e22399f2bb45f715015c267b
push id112868
push useropoprus@mozilla.com
push dateMon, 22 Apr 2019 22:19:22 +0000
treeherdermozilla-inbound@24537856cc88 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerspeterv
bugs1535403
milestone68.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1535403 - Take indirection into account for the CC optimizations for the outer window wrapper. r=peterv Most wrapper cached C++ objects are held alive by their wrapper. The cycle collector takes advantage of this in many classes and ignores the C++ object if the wrapper is marked black. However, this is not true for the outer window's wrapper. Instead, the outer window's wrapper keeps the inner window alive. The inner window usually keeps its outer window alive, but not after it has been unlinked. For reasons I do not yet understand, the outer window's wrapper can be kept alive after the inner window it is a proxy for is unlinked. This patch fixes the cycle collector optimization for the outer window by only applying it if the outer window still has a weak reference to the inner window, which it will until the inner no longer holds the outer alive. This in turn fixes, or at least helps fix, window leaks seen intermittently when the lifetime of outer windows and docshells are tied together. The code comment is based on a review comment by peterv. Differential Revision: https://phabricator.services.mozilla.com/D27981
dom/base/nsGlobalWindowOuter.cpp
--- a/dom/base/nsGlobalWindowOuter.cpp
+++ b/dom/base/nsGlobalWindowOuter.cpp
@@ -1459,18 +1459,23 @@ NS_IMPL_CYCLE_COLLECTION_TRACE_BEGIN(nsG
   NS_IMPL_CYCLE_COLLECTION_TRACE_PRESERVED_WRAPPER
 NS_IMPL_CYCLE_COLLECTION_TRACE_END
 
 bool nsGlobalWindowOuter::IsBlackForCC(bool aTracingNeeded) {
   if (!nsCCUncollectableMarker::sGeneration) {
     return false;
   }
 
+  // Unlike most wrappers, the outer window wrapper is not a wrapper for
+  // the outer window. Instead, the outer window wrapper holds the inner
+  // window binding object, which in turn holds the nsGlobalWindowInner, which
+  // has a strong reference to the nsGlobalWindowOuter. We're using the
+  // mInnerWindow pointer as a flag for that whole chain.
   return (nsCCUncollectableMarker::InGeneration(GetMarkedCCGeneration()) ||
-          HasKnownLiveWrapper()) &&
+          (mInnerWindow && HasKnownLiveWrapper())) &&
          (!aTracingNeeded || HasNothingToTrace(ToSupports(this)));
 }
 
 //*****************************************************************************
 // nsGlobalWindowOuter::nsIScriptGlobalObject
 //*****************************************************************************
 
 nsresult nsGlobalWindowOuter::EnsureScriptEnvironment() {