Bug 1284939 - Removed definition and usage of QUIRK_FLASH_AVOID_CGMODE_CRASHES. Adjusted the bit shifts for quirk values that fell below it to keep the increment between them consistent. r=spohl
authorPhil Bystrican <phil_bystrican@me.com>
Fri, 22 Jul 2016 14:11:14 -0400
changeset 346491 3943bab616288a033a685c522e0366eb495e7e6f
parent 346490 640247e978ba7adf75b641218081f36eacae50d0
child 346492 d7ce447d842cf7f5b6d6e2599971da1be0cfb2f5
push id6389
push userraliiev@mozilla.com
push dateMon, 19 Sep 2016 13:38:22 +0000
treeherdermozilla-beta@01d67bfe6c81 [default view] [failures only]
reviewersspohl
bugs1284939
milestone50.0a1
Bug 1284939 - Removed definition and usage of QUIRK_FLASH_AVOID_CGMODE_CRASHES. Adjusted the bit shifts for quirk values that fell below it to keep the increment between them consistent. r=spohl CGBridgeLayer was only ever constructed with aAvoidCGCrashes as false so its property mAvoidCGCrashes was removed and all conditionals that relied on it were removed. This also resulted in protectLastCGContext never doing any work so it was removed as well. r=spohl
dom/plugins/ipc/PluginInstanceChild.cpp
dom/plugins/ipc/PluginQuirks.cpp
dom/plugins/ipc/PluginQuirks.h
dom/plugins/ipc/PluginUtilsOSX.h
dom/plugins/ipc/PluginUtilsOSX.mm
--- a/dom/plugins/ipc/PluginInstanceChild.cpp
+++ b/dom/plugins/ipc/PluginInstanceChild.cpp
@@ -3524,17 +3524,17 @@ PluginInstanceChild::EnsureCurrentBuffer
     return true;
 #elif defined(XP_MACOSX)
 
     if (!mDoubleBufferCARenderer.HasCALayer()) {
         void *caLayer = nullptr;
         if (mDrawingModel == NPDrawingModelCoreGraphics) {
             if (!mCGLayer) {
                 caLayer = mozilla::plugins::PluginUtilsOSX::GetCGLayer(CallCGDraw,
-                                                                       this, false,
+                                                                       this,
                                                                        mContentsScaleFactor);
 
                 if (!caLayer) {
                     PLUGIN_LOG_DEBUG(("GetCGLayer failed."));
                     return false;
                 }
             }
             mCGLayer = caLayer;
--- a/dom/plugins/ipc/PluginQuirks.cpp
+++ b/dom/plugins/ipc/PluginQuirks.cpp
@@ -45,17 +45,16 @@ int GetQuirksFromMimeTypeAndFilename(con
         quirks |= QUIRK_QUICKTIME_AVOID_SETWINDOW;
     }
 #endif
 
 #ifdef XP_MACOSX
     // Whitelist Flash and Quicktime to support offline renderer
     NS_NAMED_LITERAL_CSTRING(quicktime, "QuickTime Plugin.plugin");
     if (specialType == nsPluginHost::eSpecialType_Flash) {
-        quirks |= QUIRK_FLASH_AVOID_CGMODE_CRASHES;
         quirks |= QUIRK_ALLOW_OFFLINE_RENDERER;
     } else if (FindInReadable(quicktime, aPluginFilename)) {
         quirks |= QUIRK_ALLOW_OFFLINE_RENDERER;
     }
 #endif
 
 #ifdef OS_WIN
     if (specialType == nsPluginHost::eSpecialType_Unity) {
--- a/dom/plugins/ipc/PluginQuirks.h
+++ b/dom/plugins/ipc/PluginQuirks.h
@@ -42,29 +42,24 @@ enum PluginQuirks {
   QUIRK_QUICKTIME_AVOID_SETWINDOW                 = 1 << 7,
   // Win: Check to make sure the parent window has focus before calling
   // set focus on the child. Addresses a full screen dialog prompt
   // problem in Silverlight.
   QUIRK_SILVERLIGHT_FOCUS_CHECK_PARENT            = 1 << 8,
   // Mac: Allow the plugin to use offline renderer mode.
   // Use this only if the plugin is certified the support the offline renderer.
   QUIRK_ALLOW_OFFLINE_RENDERER                    = 1 << 9,
-  // Mac: Work around a Flash bug that can cause plugin process crashes
-  // in CoreGraphics mode:  The Flash plugin sometimes accesses the
-  // CGContextRef we pass to it in NPP_HandleEvent(NPCocoaEventDrawRect)
-  // outside of that call.  See bug 804606.
-  QUIRK_FLASH_AVOID_CGMODE_CRASHES                = 1 << 10,
   // Work around a Flash bug where it fails to check the error code of a
   // NPN_GetValue(NPNVdocumentOrigin) call before trying to dereference
   // its char* output.
-  QUIRK_FLASH_RETURN_EMPTY_DOCUMENT_ORIGIN        = 1 << 11,
+  QUIRK_FLASH_RETURN_EMPTY_DOCUMENT_ORIGIN        = 1 << 10,
   // Win: Addresses a Unity bug with mouse capture.
-  QUIRK_UNITY_FIXUP_MOUSE_CAPTURE                 = 1 << 12,
+  QUIRK_UNITY_FIXUP_MOUSE_CAPTURE                 = 1 << 11,
   // Win: Hook IMM32 API to handle IME event on windowless plugin
-  QUIRK_WINLESS_HOOK_IME                          = 1 << 13,
+  QUIRK_WINLESS_HOOK_IME                          = 1 << 12,
 };
 
 int GetQuirksFromMimeTypeAndFilename(const nsCString& aMimeType,
                                      const nsCString& aPluginFilename);
 
 } /* namespace plugins */
 } /* namespace mozilla */
 
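Review bot: Renumbering the three surviving flags (`QUIRK_FLASH_RETURN_EMPTY_DOCUMENT_ORIGIN = 1 << 10` and the two after it) changes the numeric value of live quirks for no functional gain, and the old bit 10 (the CoreGraphics crash workaround) now means "return empty document origin". That is harmless as long as a raw quirks mask never leaves a single build, but nothing in this hunk shows whether the mask is logged, annotated in crash reports or compared against a value computed elsewhere, so this should be confirmed. A safer form keeps the old values and leaves the slot reserved, with `// 1 << 10 was QUIRK_FLASH_AVOID_CGMODE_CRASHES (bug 1284939); do not reuse`. The enum begins outside this hunk.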
--- a/dom/plugins/ipc/PluginUtilsOSX.h
+++ b/dom/plugins/ipc/PluginUtilsOSX.h
@@ -20,18 +20,17 @@ typedef void (*RemoteProcessEvents) (voi
 
 NPError ShowCocoaContextMenu(void* aMenu, int aX, int aY, void* pluginModule, RemoteProcessEvents remoteEvent);
 
 void InvokeNativeEventLoop();
 
 // Need to call back and send a cocoa draw event to the plugin.
 typedef void (*DrawPluginFunc) (CGContextRef, void*, nsIntRect aUpdateRect);
 
-void* GetCGLayer(DrawPluginFunc aFunc, void* aPluginInstance,
-                 bool aAvoidCGCrashes, double aContentsScaleFactor);
+void* GetCGLayer(DrawPluginFunc aFunc, void* aPluginInstance, double aContentsScaleFactor);
 void ReleaseCGLayer(void* cgLayer);
 void Repaint(void* cgLayer, nsIntRect aRect);
 
 bool SetProcessName(const char* aProcessName);
 
 /*
  * Provides a wrapper around nsCARenderer to manage double buffering
  * without having to unbind nsCARenderer on every surface swaps.
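Review bot: The new `GetCGLayer` declaration still says nothing about ownership of the `void*` it returns, and the one-line form is longer than the wrapped declaration it replaces. From the .mm changes on this page the layer appears to be handed back retained (`[[CGBridgeLayer alloc] init]`) and balanced only by `ReleaseCGLayer`, so a header comment would help callers avoid leaks or double releases: `// Returns a retained CGBridgeLayer (as void*); the caller must pass it to ReleaseCGLayer() exactly once.` Wrapping the declaration after `aPluginInstance,` would match the surrounding style.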
--- a/dom/plugins/ipc/PluginUtilsOSX.mm
+++ b/dom/plugins/ipc/PluginUtilsOSX.mm
@@ -21,24 +21,20 @@
 @end
 
 using namespace mozilla::plugins::PluginUtilsOSX;
 
 @interface CGBridgeLayer : CALayer {
   DrawPluginFunc mDrawFunc;
   void* mPluginInstance;
   nsIntRect mUpdateRect;
-  BOOL mAvoidCGCrashes;
-  CGContextRef mLastCGContext;
 }
 - (void)setDrawFunc:(DrawPluginFunc)aFunc
-     pluginInstance:(void*)aPluginInstance
-     avoidCGCrashes:(BOOL)aAvoidCGCrashes;
+     pluginInstance:(void*)aPluginInstance;
 - (void)updateRect:(nsIntRect)aRect;
-- (void)protectLastCGContext;
 
 @end
 
 // CGBitmapContextSetData() is an undocumented function present (with
 // the same signature) since at least OS X 10.5.  As the name suggests,
 // it's used to replace the "data" in a bitmap context that was
 // originally specified in a call to CGBitmapContextCreate() or
 // CGBitmapContextCreateWithData().
@@ -56,91 +52,41 @@ CGBitmapContextSetDataFunc CGBitmapConte
 @implementation CGBridgeLayer
 - (void) updateRect:(nsIntRect)aRect
 {
    mUpdateRect.UnionRect(mUpdateRect, aRect);
 }
 
 - (void) setDrawFunc:(DrawPluginFunc)aFunc
       pluginInstance:(void*)aPluginInstance
-      avoidCGCrashes:(BOOL)aAvoidCGCrashes
 {
   mDrawFunc = aFunc;
   mPluginInstance = aPluginInstance;
-  mAvoidCGCrashes = aAvoidCGCrashes;
-  mLastCGContext = nil;
-}
-
-// The Flash plugin, in very unusual circumstances, can (in CoreGraphics
-// mode) try to access the CGContextRef from -[CGBridgeLayer drawInContext:]
-// outside of any call to NPP_HandleEvent(NPCocoaEventDrawRect).  This usually
-// crashes the plugin process (probably because it tries to access deleted
-// memory).  We stop these crashes from happening by holding a reference to
-// the CGContextRef, and also by ensuring that it's data won't get deleted.
-// The CGContextRef won't "work" in this form.  But this won't cause trouble
-// for plugins that do things correctly (that don't access this CGContextRef
-// outside of the call to NPP_HandleEvent() that passes it to the plugin).
-// The OS may reuse this CGContextRef (it may get passed to other calls to
-// -[CGBridgeLayer drawInContext:]).  But before each call the OS calls
-// CGBitmapContextSetData() to replace its data, which undoes the changes
-// we make here.  See bug 804606.
-- (void)protectLastCGContext
-{
-  if (!mAvoidCGCrashes || !mLastCGContext) {
-    return;
-  }
-
-  static char ensuredData[128] = {0};
-
-  if (!CGBitmapContextSetDataPtr) {
-    CGBitmapContextSetDataPtr = (CGBitmapContextSetDataFunc)
-      dlsym(RTLD_DEFAULT, "CGBitmapContextSetData");
-  }
-
-  if (CGBitmapContextSetDataPtr && (GetContextType(mLastCGContext) == CG_CONTEXT_TYPE_BITMAP)) {
-    CGBitmapContextSetDataPtr(mLastCGContext, 0, 0, 1, 1, ensuredData, 8, 32, 64);
-  }
 }
 
 - (void)drawInContext:(CGContextRef)aCGContext
 {
   ::CGContextSaveGState(aCGContext); 
   ::CGContextTranslateCTM(aCGContext, 0, self.bounds.size.height);
   ::CGContextScaleCTM(aCGContext, (CGFloat) 1, (CGFloat) -1);
 
   mUpdateRect = nsIntRect(0, 0, self.bounds.size.width, self.bounds.size.height);
 
   mDrawFunc(aCGContext, mPluginInstance, mUpdateRect);
 
   ::CGContextRestoreGState(aCGContext);
 
-  if (mAvoidCGCrashes) {
-    if (mLastCGContext) {
-      ::CGContextRelease(mLastCGContext);
-    }
-    mLastCGContext = aCGContext;
-    ::CGContextRetain(mLastCGContext);
-  }
-
   mUpdateRect.SetEmpty();
 }
 
-- (void)dealloc
-{
-  if (mLastCGContext) {
-    ::CGContextRelease(mLastCGContext);
-  }
-  [super dealloc];
-}
-
 @end
 
-void* mozilla::plugins::PluginUtilsOSX::GetCGLayer(DrawPluginFunc aFunc, void* aPluginInstance,
-                                                   bool aAvoidCGCrashes, double aContentsScaleFactor)
-{
+void* mozilla::plugins::PluginUtilsOSX::GetCGLayer(DrawPluginFunc aFunc, 
+                                                   void* aPluginInstance, 
+                                                   double aContentsScaleFactor) {
   CGBridgeLayer *bridgeLayer = [[CGBridgeLayer alloc] init];
 
   // We need to make bridgeLayer behave properly when its superlayer changes
   // size (in nsCARenderer::SetBounds()).
   bridgeLayer.autoresizingMask = kCALayerWidthSizable | kCALayerHeightSizable;
   bridgeLayer.needsDisplayOnBoundsChange = YES;
   NSNull *nullValue = [NSNull null];
   NSDictionary *actions = [NSDictionary dictionaryWithObjectsAndKeys:
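Review bot: With `protectLastCGContext` gone, the `CGBitmapContextSetDataPtr` function pointer and the comment block about the undocumented `CGBitmapContextSetData()` just above this hunk appear to have no remaining user in the visible code. If nothing outside these hunks references them, they should be removed in the same commit, along with `GetContextType`/`CG_CONTEXT_TYPE_BITMAP` wherever those are defined, so no `dlsym` hook for a private CoreGraphics symbol lingers unused. The deleted comment was also the only record that a plugin may touch the context after the draw call returns, so a short note in `drawInContext:` would keep that hazard documented: `// aCGContext is only valid for the duration of mDrawFunc; see bug 804606.` Separately, the rewritten `GetCGLayer` signature lines end in trailing spaces after `aFunc,` and `aPluginInstance,`. GetCGLayer's body continues past the end of this hunk.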
@@ -160,34 +106,32 @@ void* mozilla::plugins::PluginUtilsOSX::
 #if defined(MAC_OS_X_VERSION_10_7) && \
     MAC_OS_X_VERSION_MAX_ALLOWED >= MAC_OS_X_VERSION_10_7
   if ([bridgeLayer respondsToSelector:@selector(setContentsScale:)]) {
     bridgeLayer.contentsScale = aContentsScaleFactor;
   }
 #endif
 
   [bridgeLayer setDrawFunc:aFunc
-            pluginInstance:aPluginInstance
-            avoidCGCrashes:aAvoidCGCrashes];
+            pluginInstance:aPluginInstance];
   return bridgeLayer;
 }
 
 void mozilla::plugins::PluginUtilsOSX::ReleaseCGLayer(void *cgLayer) {
   CGBridgeLayer *bridgeLayer = (CGBridgeLayer*)cgLayer;
   [bridgeLayer release];
 }
 
 void mozilla::plugins::PluginUtilsOSX::Repaint(void *caLayer, nsIntRect aRect) {
   CGBridgeLayer *bridgeLayer = (CGBridgeLayer*)caLayer;
   [CATransaction begin];
   [bridgeLayer updateRect:aRect];
   [bridgeLayer setNeedsDisplay];
   [bridgeLayer displayIfNeeded];
   [CATransaction commit];
-  [bridgeLayer protectLastCGContext];
 }
 
 @interface EventProcessor : NSObject {
   RemoteProcessEvents   aRemoteEvents;
   void                 *aPluginModule;
 }
 - (void)setRemoteEvents:(RemoteProcessEvents) remoteEvents pluginModule:(void*) pluginModule;
 - (void)onTick;