Closed
Bug 1384625
Opened 7 years ago
Closed 7 years ago
stylo: heap write hazards under Servo_GetEmptyVariables
Categories
(Core :: CSS Parsing and Computation, enhancement, P1)
RESOLVED
FIXED
mozilla56
Tracking | Status | |
---|---|---|
firefox56 | --- | fixed |
People
(Reporter: rillian, Assigned: heycam)
Attachments
(1 file, 1 obsolete file)
Bug 1384625 - Crash in ServoComputedValues::GetStyleVariables, which should never need to be called.
59 bytes, text/x-review-board-request | emilio: review+
Enabling stylo for the linux64 hazard build fails with an extra heap write entry:

    [31.81s] #32 Analyzing Gecko_CalcStyleDifference ...
    Error: External function
    Location: Servo_GetEmptyVariables
    Stack Trace:
    _ZNK17ServoComputedData17GetStyleVariablesEv$nsStyleVariables* ServoComputedData::GetStyleVariables() const @ layout/style/ServoBindings.cpp#240
    _ZN14nsStyleContext24ThreadsafeStyleVariablesEv$nsStyleVariables* nsStyleContext::ThreadsafeStyleVariables() @ obj-analyzed/dist/include/nsStyleStructList.h#80
    _ZN14nsStyleContext19CalcStyleDifferenceEPS_PjS1_j$uint32 nsStyleContext::CalcStyleDifference(nsStyleContext*, uint32*, uint32*, uint32) @ obj-analyzed/layout/style/nsStyleStructList.h#80
    ### SafeArguments: aNewStyle aOldStyleBits
    Gecko_CalcStyleDifference @ layout/style/ServoBindings.cpp#436
    ### SafeArguments: <arg3>

Maybe bug 1382964 missed some instances in the debug case? I can work around by disabling stylo for this target, but hopefully there's something simple we can do to remove the hazard.
Comment 1 • 7 years ago (Assignee)
Thanks, I think it should be safe just to add Servo_GetEmptyVariables to the whitelist.
Comment hidden (mozreview-request)
Comment 3 • 7 years ago (mozreview-review)
Comment on attachment 8890650 [details] Bug 1384625 - Whitelist Servo_GetEmptyVariables from heap write analysis.
https://reviewboard.mozilla.org/r/161810/#review167226
r=me, though we should see which are the remaining callsites of this, and remove them.
Attachment #8890650 - Flags: review?(emilio+bugs) → review+
Comment 4 • 7 years ago (Assignee)
Yeah, now that you mention it, we probably don't even call this. (But the analysis doesn't even know.) Let's try a try run just crashing in ServoComputedValues::GetStyleVariables instead: https://treeherder.mozilla.org/#/jobs?repo=try&revision=379349f95b544d13a1195656ac7204d79d769bea
Updated • 7 years ago (Assignee)
Flags: needinfo?(cam)
Updated • 7 years ago (Assignee)
Attachment #8890650 - Attachment is obsolete: true
Comment hidden (mozreview-request)
Comment 6 • 7 years ago (Assignee)
https://treeherder.mozilla.org/#/jobs?repo=try&revision=e8bd2c235b2259afd355092756f65328e576ac6c
Flags: needinfo?(cam)
Comment 7 • 7 years ago (mozreview-review)
Comment on attachment 8890768 [details] Bug 1384625 - Crash in ServoComputedValues::GetStyleVariables, which should never need to be called. https://reviewboard.mozilla.org/r/161970/#review167266 We should remove the servo side too, but that can land independently. ::: layout/style/ServoBindings.cpp:240 (Diff revision 1) > } > > const nsStyleVariables* > ServoComputedData::GetStyleVariables() const > { > - return Servo_GetEmptyVariables(); > + MOZ_RELEASE_ASSERT(false, "ServoComputedData::GetStyleVariables should never " Just `MOZ_CRASH(..)`?
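Review bot: the replacement body of `ServoComputedData::GetStyleVariables()` drops the function's only visible `return` while the signature still promises a `const nsStyleVariables*`, and it expresses an unconditional abort as `MOZ_RELEASE_ASSERT(false, ...)`. An assertion on a constant `false` reads as a check that might pass; an explicit unconditional crash states the intent directly, and whatever follows it should make clear whether a return value is still required. A short comment above the function saying why it is kept although it should never be called would help whoever cleans up the remaining callers.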
Attachment #8890768 - Flags: review?(emilio+bugs) → review+
Updated • 7 years ago
Assignee: nobody → cam
Priority: -- → P1
Comment 8 • 7 years ago (Assignee, mozreview-review-reply)
Comment on attachment 8890768 [details] Bug 1384625 - Crash in ServoComputedValues::GetStyleVariables, which should never need to be called.
https://reviewboard.mozilla.org/r/161970/#review167266
I'll file a PR for that after this lands and assume your r+.
> Just `MOZ_CRASH(..)`?
And return nullptr afterwards? I guess that's OK.
Comment hidden (mozreview-request)
Comment 10 • 7 years ago
Pushed by cmccormack@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/847e0a72b276
Crash in ServoComputedValues::GetStyleVariables, which should never need to be called. r=emilio
Comment 11 • 7 years ago (bugherder)
https://hg.mozilla.org/mozilla-central/rev/847e0a72b276
Status: NEW → RESOLVED
Closed: 7 years ago
status-firefox56: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla56
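The thread weighs two fixes: whitelisting `Servo_GetEmptyVariables` (comment 1) and replacing the body of `ServoComputedData::GetStyleVariables` with a crash (comments 4 to 10). The following is an added illustration, not code from this bug or from Mozilla's hazard analysis: a simplified model that walks a constructed call graph taken from the reported stack trace. The names `find_hazards`, `replace_body` and `hypothetical_entry` are assumptions made for the example.

```python
# Simplified model of a static heap-write check; not Mozilla's analysis code.
# Constructed call graph from the reported stack trace; None = external body.
CALL_GRAPH = {
    "Gecko_CalcStyleDifference": ["nsStyleContext::CalcStyleDifference"],
    "nsStyleContext::CalcStyleDifference":
        ["nsStyleContext::ThreadsafeStyleVariables"],
    "nsStyleContext::ThreadsafeStyleVariables":
        ["ServoComputedData::GetStyleVariables"],
    "ServoComputedData::GetStyleVariables": ["Servo_GetEmptyVariables"],
    "Servo_GetEmptyVariables": None,
    # Hypothetical second entry point, added only to compare the two fixes.
    "hypothetical_entry": ["Servo_GetEmptyVariables"],
}

def find_hazards(graph, root, whitelist=frozenset()):
    """Return call paths from root to external functions not in whitelist.

    Reachability is static: an edge counts even if it is never taken at
    run time, which is why a dead call site is still reported.
    """
    hazards, seen, stack = [], set(), [(root, (root,))]
    while stack:
        func, path = stack.pop()
        if func in seen:
            continue
        seen.add(func)
        callees = graph.get(func)
        if callees is None:  # external: assume it may write to the heap
            if func not in whitelist:
                hazards.append(path)
            continue
        stack.extend((c, path + (c,)) for c in callees)
    return hazards

def replace_body(graph, func, callees=()):
    """Model a patch that rewrites func so it only calls `callees`.

    Assumption: the crash the patch puts in the body is not itself a hazard.
    """
    return {**graph, func: list(callees)}

if __name__ == "__main__":
    patched = replace_body(CALL_GRAPH, "ServoComputedData::GetStyleVariables")
    cases = (("reported", CALL_GRAPH, set()),
             ("whitelisted", CALL_GRAPH, {"Servo_GetEmptyVariables"}),
             ("patched", patched, set()))
    for label, graph, allow in cases:
        for root in ("Gecko_CalcStyleDifference", "hypothetical_entry"):
            print(label, root, find_hazards(graph, root, allow))
```

In this model the whitelist silences the report for every caller, while the body replacement removes only the one edge, so the hypothetical second entry point is still reported after the patch.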