String Encoding: Threadsafe refcount problem on b2g18 when using TextEncoder in workers

RESOLVED WONTFIX

Status

Core
DOM
RESOLVED WONTFIX
4 years ago
2 years ago

People

(Reporter: gwagner, Assigned: emk)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

(Reporter)

Description

4 years ago
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 606.636]
0x40a31f7c in mozilla::dom::EncodingUtils::AddRef (this=0x43ebd730) at ../../dist/include/mozilla/dom/EncodingUtils.h:17
17	  NS_INLINE_DECL_REFCOUNTING(EncodingUtils)
(gdb) bt
#0  0x40a31f7c in mozilla::dom::EncodingUtils::AddRef (this=0x43ebd730) at ../../dist/include/mozilla/dom/EncodingUtils.h:17
#1  0x40a321c6 in mozilla::dom::EncodingUtils::GetOrCreate () at /Volumes/2mac/gaia/b2g18/dom/encoding/EncodingUtils.cpp:270
#2  0x40a321e4 in mozilla::dom::EncodingUtils::FindEncodingForLabel (aLabel=..., aOutEncoding=@0x44cfe490) at /Volumes/2mac/gaia/b2g18/dom/encoding/EncodingUtils.cpp:316
#3  0x40a3381a in mozilla::dom::TextEncoderBase::Init (this=0x44b354dc, aEncoding=..., aRv=...) at /Volumes/2mac/gaia/b2g18/dom/encoding/TextEncoder.cpp:21
#4  0x40a89e4c in mozilla::dom::workers::TextEncoder::Constructor (aCx=0x4237e4b0, aObj=0x45609040, aEncoding=..., aRv=...) at /Volumes/2mac/gaia/b2g18/dom/workers/TextEncoder.cpp:31
#5  0x4115d8b2 in _constructor (cx=0x4237e4b0, argc=<value optimized out>, vp=0x44e5a680) at /Volumes/2mac/gaia/b2g18/debunagibuild/dom/bindings/TextEncoderBinding.cpp:593
#6  0x414f03e4 in js::CallJSNative (cx=0x4237e4b0, native=0x4115d83d <_constructor>, args=...) at /Volumes/2mac/gaia/b2g18/js/src/jscntxtinlines.h:364
#7  0x41504634 in js::InvokeKernel (cx=0x4237e4b0, args=..., construct=js::NO_CONSTRUCT) at /Volumes/2mac/gaia/b2g18/js/src/jsinterp.cpp:367
#8  0x414fd99e in js::Interpret (cx=0x4237e4b0, entryFrame=<value optimized out>, interpMode=<value optimized out>) at /Volumes/2mac/gaia/b2g18/js/src/jsinterp.cpp:2475
#9  0x41503ef4 in js::RunScript (cx=0x4237e4b0, script=<value optimized out>, fp=0x44e5a368) at /Volumes/2mac/gaia/b2g18/js/src/jsinterp.cpp:324
#10 0x415046b4 in js::InvokeKernel (cx=0x4237e4b0, args=..., construct=js::NO_CONSTRUCT) at /Volumes/2mac/gaia/b2g18/js/src/jsinterp.cpp:378
#11 0x414b2f5e in Invoke (cx=0x4237e4b0, argc=<value optimized out>, vp=0x44e5a2c8) at /Volumes/2mac/gaia/b2g18/js/src/jsinterp.h:109
#12 js_fun_apply (cx=0x4237e4b0, argc=<value optimized out>, vp=0x44e5a2c8) at /Volumes/2mac/gaia/b2g18/js/src/jsfun.cpp:968
#13 0x414f03e4 in js::CallJSNative (cx=0x4237e4b0, native=0x414b2cd5 <js_fun_apply(JSContext*, unsigned int, JS::Value*)>, args=...) at /Volumes/2mac/gaia/b2g18/js/src/jscntxtinlines.h:364
#14 0x41504634 in js::InvokeKernel (cx=0x4237e4b0, args=..., construct=js::NO_CONSTRUCT) at /Volumes/2mac/gaia/b2g18/js/src/jsinterp.cpp:367
#15 0x414fd99e in js::Interpret (cx=0x4237e4b0, entryFrame=<value optimized out>, interpMode=<value optimized out>) at /Volumes/2mac/gaia/b2g18/js/src/jsinterp.cpp:2475
#16 0x41503ef4 in js::RunScript (cx=0x4237e4b0, script=<value optimized out>, fp=0x44e5a110) at /Volumes/2mac/gaia/b2g18/js/src/jsinterp.cpp:324
#17 0x415046b4 in js::InvokeKernel (cx=0x4237e4b0, args=..., construct=js::NO_CONSTRUCT) at /Volumes/2mac/gaia/b2g18/js/src/jsinterp.cpp:378
#18 0x41463918 in Invoke (cx=0x4237e4b0, argc=<value optimized out>, vp=<value optimized out>) at /Volumes/2mac/gaia/b2g18/js/src/jsinterp.h:109
#19 js::FastInvokeGuard::invoke (cx=0x4237e4b0, argc=<value optimized out>, vp=<value optimized out>) at /Volumes/2mac/gaia/b2g18/js/src/jsinterpinlines.h:1056
#20 array_readonlyCommon<ArrayForEachBehavior> (cx=0x4237e4b0, argc=<value optimized out>, vp=<value optimized out>) at /Volumes/2mac/gaia/b2g18/js/src/jsarray.cpp:3123
#21 array_forEach (cx=0x4237e4b0, argc=<value optimized out>, vp=<value optimized out>) at /Volumes/2mac/gaia/b2g18/js/src/jsarray.cpp:3160
#22 0x416b5d56 in JaegerStubVeneer () from /Volumes/2mac/gaia/b2g18/debunagibuild/dist/bin/libxul.so
#23 0x416b5d56 in JaegerStubVeneer () from /Volumes/2mac/gaia/b2g18/debunagibuild/dist/bin/libxul.so
Summary: String Encoding: Threadsafe refcount problem on b2g18 → String Encoding: Threadsafe refcount problem on b2g18 when using TextEncoder in workers
(Assignee)

Comment 1

4 years ago
Created attachment 783411 [details] [diff] [review]
Make EncodingUtils thread-safe

Trivial. This bug is only applicable on b2g because EncodingUtils no longer refcounts on m-c.
Assignee: nobody → VYV03354
Status: NEW → ASSIGNED
Attachment #783411 - Flags: review?(bzbarsky)
This doesn't look so trivial to me. The first instance loads a bunch of data into a hashtable. What's to say another thread doesn't call GetOrCreate before that process is finished?
(Assignee)

Comment 3

4 years ago
Comment on attachment 783411 [details] [diff] [review]
Make EncodingUtils thread-safe

Hm, we should port what trunk is doing?
Attachment #783411 - Flags: review?(bzbarsky)
I haven't had a chance to look. One b2g-only fix could be to just force EncodingUtils to be created before allowing any workers to launch (along with this patch you have here). Is that sufficient?

Although if trunk is more correct here and it's simple to backport then we should not add little hacks.
Status: ASSIGNED → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → WONTFIX
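
An added example, not code from this bug, its attachment or Mozilla's tree: it shows the two concerns raised in the comments above handled together, a reference count that several worker threads update at once and a lazily created instance whose table must be fully loaded before a second thread can return from GetOrCreate. `LabelTable`, `RunWorkers` and the sample labels are hypothetical names and constructed data.

```cpp
#include <atomic>
#include <mutex>
#include <string>
#include <thread>
#include <unordered_map>
#include <vector>
// Hypothetical stand-in for a refcounted, lazily created label table.
class LabelTable {
 public:
  static LabelTable* GetOrCreate() {
    // First caller builds the table; racing callers block until it is complete.
    std::call_once(sOnce, [] { sInstance = new LabelTable(); });
    sInstance->AddRef();
    return sInstance;
  }
  // Atomic read-modify-write: concurrent AddRef/Release cannot lose an update.
  int AddRef() { return mRefCnt.fetch_add(1, std::memory_order_relaxed) + 1; }
  int Release() { return mRefCnt.fetch_sub(1, std::memory_order_acq_rel) - 1; }
  const std::string* Find(const std::string& label) const {
    auto it = mLabels.find(label);
    return it == mLabels.end() ? nullptr : &it->second;
  }
 private:
  // The singleton keeps one reference itself; the labels are constructed samples.
  LabelTable() : mRefCnt(1), mLabels{{"utf8", "UTF-8"}, {"latin1", "windows-1252"}} {}
  std::atomic<int> mRefCnt;
  std::unordered_map<std::string, std::string> mLabels;
  static std::once_flag sOnce;
  static LabelTable* sInstance;
};
std::once_flag LabelTable::sOnce;
LabelTable* LabelTable::sInstance = nullptr;

// Races worker threads into GetOrCreate; returns how many lookups failed
// or came back with the wrong encoding name.
int RunWorkers(int threads, int iterations) {
  std::atomic<int> failures{0};
  std::vector<std::thread> pool;
  for (int t = 0; t < threads; ++t)
    pool.emplace_back([&failures, iterations] {
      for (int i = 0; i < iterations; ++i) {
        LabelTable* table = LabelTable::GetOrCreate();
        const std::string* enc = table->Find("utf8");
        if (!enc || *enc != "UTF-8") ++failures;
        table->Release();
      }
    });
  for (auto& th : pool) th.join();
  return failures.load();
}
int main() { return RunWorkers(8, 2000) == 0 ? 0 : 1; }
```

After all workers finish, the count is back to the singleton's own single reference; a plain `int` counter under the same load can drift and lead to an early free.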