Closed Bug 1778681 Opened 2 years ago Closed 2 years ago

gfxPlatformFontList::GetDefaultGeneric can access Preferences off main thread

Categories

(Core :: Graphics: Text, defect, P3)

Product:
Core
Component:
Graphics: Text
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
104 Branch
Tracking Flags:
Tracking Status
firefox104 --- fixed

People

(Reporter: aosmond, Assigned: aosmond)

References

Details

Attachments

(1 file)

Bug 1778681 - Cache prefs for gfxPlatformFontList::GetDefaultGeneric at initialization.
48 bytes, text/x-phabricator-request
Details | Review

gfxPlatformFontList::GetDefaultGeneric can access Preferences off main thread when a worker calls draw APIs. First noticed on Android in CI.

https://searchfox.org/mozilla-central/rev/5e6e08e53ca4f9f62e19bcbae542eef7824641ed/gfx/thebes/gfxPlatformFontList.cpp#2405

[task 2022-07-08T03:37:32.132Z] 03:37:32     INFO -  9  libxul.so!gfxFontGroup::MakeTextRun(char16_t const*, unsigned int, gfxTextRunFactory::Parameters const*, mozilla::gfx::ShapedTextFlags, nsTextFrameUtils::Flags, gfxMissingFontRecorder*) [gfxTextRun.cpp:3d22e54811decedbbeb8aa034bb3fdc285d3fee1 : 2525 + 0x14]
[task 2022-07-08T03:37:32.132Z] 03:37:32     INFO -      rbx = 0x0000754b35e50dc0    rbp = 0x0000754b356fd3c0
[task 2022-07-08T03:37:32.132Z] 03:37:32     INFO -      rsp = 0x0000754b356fd360    r12 = 0x0000754b36bd46a0
[task 2022-07-08T03:37:32.132Z] 03:37:32     INFO -      r13 = 0x0000000000000005    r14 = 0x0000754b356fd380
[task 2022-07-08T03:37:32.132Z] 03:37:32     INFO -      r15 = 0x0000754b356fd3e0    rip = 0x0000754b3e7b54f2
[task 2022-07-08T03:37:32.132Z] 03:37:32     INFO -     Found by: call frame info
[task 2022-07-08T03:37:32.132Z] 03:37:32     INFO - 10  libxul.so!already_AddRefed<gfxTextRun> gfxFontGroup::MakeTextRun<char16_t>(char16_t const*, unsigned int, mozilla::gfx::DrawTarget*, int, mozilla::gfx::ShapedTextFlags, nsTextFrameUtils::Flags, gfxMissingFontRecorder*) [gfxTextRun.h:3d22e54811decedbbeb8aa034bb3fdc285d3fee1 : 1003 + 0xe]
[task 2022-07-08T03:37:32.133Z] 03:37:32     INFO -      rbx = 0x0000754b356fd458    rbp = 0x0000754b356fd420
[task 2022-07-08T03:37:32.133Z] 03:37:32     INFO -      rsp = 0x0000754b356fd3d0    r12 = 0x0000754b356fd564
[task 2022-07-08T03:37:32.133Z] 03:37:32     INFO -      r13 = 0x0000754b356fd458    r14 = 0x0000000000000000
[task 2022-07-08T03:37:32.133Z] 03:37:32     INFO -      r15 = 0x0000754b611ad838    rip = 0x0000754b3e58ed76
[task 2022-07-08T03:37:32.133Z] 03:37:32     INFO -     Found by: call frame info
[task 2022-07-08T03:37:32.133Z] 03:37:32     INFO - 11  libxul.so!mozilla::dom::CanvasBidiProcessor::SetText(char16_t const*, int, mozilla::intl::BidiDirection) [CanvasRenderingContext2D.cpp:3d22e54811decedbbeb8aa034bb3fdc285d3fee1 : 3730 + 0x1e]
[task 2022-07-08T03:37:32.133Z] 03:37:32     INFO -      rbx = 0x0000754b356fd7d8    rbp = 0x0000754b356fd490
[task 2022-07-08T03:37:32.133Z] 03:37:32     INFO -      rsp = 0x0000754b356fd430    r12 = 0x0000754b356fd564
[task 2022-07-08T03:37:32.133Z] 03:37:32     INFO -      r13 = 0x0000754b356fd458    r14 = 0x0000000000000005
[task 2022-07-08T03:37:32.133Z] 03:37:32     INFO -      r15 = 0x0000754b611ad838    rip = 0x0000754b3f68be88
[task 2022-07-08T03:37:32.133Z] 03:37:32     INFO -     Found by: call frame info
[task 2022-07-08T03:37:32.133Z] 03:37:32     INFO - 12  libxul.so!nsBidiPresUtils::ProcessText(char16_t const*, unsigned long, mozilla::intl::BidiEmbeddingLevel, nsPresContext*, nsBidiPresUtils::BidiProcessor&, nsBidiPresUtils::Mode, nsBidiPositionResolve*, int, int*, mozilla::intl::Bidi*) [nsBidiPresUtils.cpp:3d22e54811decedbbeb8aa034bb3fdc285d3fee1 : 2234 + 0x34]
[task 2022-07-08T03:37:32.133Z] 03:37:32     INFO -      rbx = 0x0000000000000000    rbp = 0x0000754b356fd6b0
[task 2022-07-08T03:37:32.133Z] 03:37:32     INFO -      rsp = 0x0000754b356fd4a0    r12 = 0x0000000000000000
[task 2022-07-08T03:37:32.133Z] 03:37:32     INFO -      r13 = 0x0000754b356fd550    r14 = 0x0000754b356fd7d8
[task 2022-07-08T03:37:32.134Z] 03:37:32     INFO -      r15 = 0x0000754b356fd500    rip = 0x0000754b409c60a7
[task 2022-07-08T03:37:32.134Z] 03:37:32     INFO -     Found by: call frame info
[task 2022-07-08T03:37:32.134Z] 03:37:32     INFO - 13  libxul.so!mozilla::dom::CanvasRenderingContext2D::DrawOrMeasureText(nsTSubstring<char16_t> const&, float, float, mozilla::dom::Optional<double> const&, mozilla::dom::CanvasRenderingContext2D::TextDrawOperation, mozilla::ErrorResult&) [CanvasRenderingContext2D.cpp:3d22e54811decedbbeb8aa034bb3fdc285d3fee1 : 4101 + 0x3a]
[task 2022-07-08T03:37:32.134Z] 03:37:32     INFO -      rbx = 0x0000754b356fd85c    rbp = 0x0000754b356fd910
[task 2022-07-08T03:37:32.134Z] 03:37:32     INFO -      rsp = 0x0000754b356fd6c0    r12 = 0x0000754b356fd960
[task 2022-07-08T03:37:32.134Z] 03:37:32     INFO -      r13 = 0x0000000000000005    r14 = 0x0000754b36b3cf40
[task 2022-07-08T03:37:32.134Z] 03:37:32     INFO -      r15 = 0x0000754b36b70100    rip = 0x0000754b3f649956
[task 2022-07-08T03:37:32.134Z] 03:37:32     INFO -     Found by: call frame info
[task 2022-07-08T03:37:32.134Z] 03:37:32     INFO - 14  libxul.so!mozilla::dom::CanvasRenderingContext2D::MeasureText(nsTSubstring<char16_t> const&, mozilla::ErrorResult&) [CanvasRenderingContext2D.cpp:3d22e54811decedbbeb8aa034bb3fdc285d3fee1 : 3586 + 0xa]
[task 2022-07-08T03:37:32.134Z] 03:37:32     INFO -      rbx = 0x0000754b5ab31800    rbp = 0x0000754b356fd940
[task 2022-07-08T03:37:32.134Z] 03:37:32     INFO -      rsp = 0x0000754b356fd920    r12 = 0x0000754b36b70100
[task 2022-07-08T03:37:32.134Z] 03:37:32     INFO -      r13 = 0x0000000000000000    r14 = 0x0000754b356fd960
[task 2022-07-08T03:37:32.134Z] 03:37:32     INFO -      r15 = 0x0000754b356fdac0    rip = 0x0000754b3f64a062
[task 2022-07-08T03:37:32.134Z] 03:37:32     INFO -     Found by: call frame info
[task 2022-07-08T03:37:32.134Z] 03:37:32     INFO - 15  libxul.so!mozilla::dom::OffscreenCanvasRenderingContext2D_Binding::measureText(JSContext*, JS::Handle<JSObject*>, void*, JSJitMethodCallArgs const&) [OffscreenCanvasRenderingContext2DBinding.cpp: : 4019 + 0xa]
[task 2022-07-08T03:37:32.135Z] 03:37:32     INFO -      rbx = 0x0000754b5ab31800    rbp = 0x0000754b356fda50
[task 2022-07-08T03:37:32.135Z] 03:37:32     INFO -      rsp = 0x0000754b356fd950    r12 = 0x0000754b36b70100
[task 2022-07-08T03:37:32.135Z] 03:37:32     INFO -      r13 = 0x0000000000000000    r14 = 0x0000754b356fd960
[task 2022-07-08T03:37:32.135Z] 03:37:32     INFO -      r15 = 0x0000754b356fdac0    rip = 0x0000754b3ee39ce7
[task 2022-07-08T03:37:32.135Z] 03:37:32     INFO -     Found by: call frame info

Caching the pref values at initialization instead of on demand allows
this code to be threadsafe and accessible from DOM workers.

Assignee: nobody → aosmond
Status: NEW → ASSIGNED
Pushed by aosmond@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/d2ec7b6792ec
Cache prefs for gfxPlatformFontList::GetDefaultGeneric at initialization. r=jfkthame

Backed out for causing assertion failures in include/mozilla/ServoUtils.h

Backout link: https://hg.mozilla.org/integration/autoland/rev/01c3b9a157c9ac52ead7f6e232c834e2c6135cf2

Push with failures

Failure log - assertion

Failure log mochitest nofis

Flags: needinfo?(aosmond)

I didn't fix it for all paths, the patch has been updated.

Flags: needinfo?(aosmond)
Pushed by aosmond@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/b501387f4641
Cache prefs for gfxPlatformFontList::GetDefaultGeneric at initialization. r=jfkthame

https://hg.mozilla.org/mozilla-central/rev/b501387f4641

Status: ASSIGNED → RESOLVED
Closed: 2 years ago
status-firefox104: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 104 Branch
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: