[webkit-changes] [271761] trunk/Source/WebCore

Fri, 22 Jan 2021 14:36:08 -0800

Title: [271761] trunk/Source/WebCore
Revision
271761
Author
[email protected]
Date
2021-01-22 14:35:25 -0800 (Fri, 22 Jan 2021)

Log Message

Crash under FFTFrame::fftSetupForSize()
https://bugs.webkit.org/show_bug.cgi?id=220866
<rdar://73199504>

Reviewed by Darin Adler.

Follow-up to r271751 to address comment from Darin Adler. Stop using the double-checked
locking pattern as it is likely not safe [1].

[1] http://erdani.org/publications/DDJ_Jul_Aug_2004_revised.pdf

* platform/audio/mac/FFTFrameMac.cpp:
(WebCore::fftSetups):
(WebCore::FFTFrame::fftSetupForSize):

Modified Paths

Diff

Modified: trunk/Source/WebCore/ChangeLog (271760 => 271761)


--- trunk/Source/WebCore/ChangeLog	2021-01-22 21:55:33 UTC (rev 271760)
+++ trunk/Source/WebCore/ChangeLog	2021-01-22 22:35:25 UTC (rev 271761)
@@ -1,3 +1,20 @@
+2021-01-22  Chris Dumez  <[email protected]>
+
+        Crash under FFTFrame::fftSetupForSize()
+        https://bugs.webkit.org/show_bug.cgi?id=220866
+        <rdar://73199504>
+
+        Reviewed by Darin Adler.
+
+        Follow-up to r271751 to address comment from Darin Adler. Stop using the double-checked
+        locking pattern as it is likely not safe [1].
+
+        [1] http://erdani.org/publications/DDJ_Jul_Aug_2004_revised.pdf
+
+        * platform/audio/mac/FFTFrameMac.cpp:
+        (WebCore::fftSetups):
+        (WebCore::FFTFrame::fftSetupForSize):
+
 2021-01-22  Chris Fleizach  <[email protected]>
 
         AX: AT-synthesized key events for common user actions (increment/decrement) are detectably different in many ways, potentially causing both web app breakage and AT identification

Modified: trunk/Source/WebCore/platform/audio/mac/FFTFrameMac.cpp (271760 => 271761)


--- trunk/Source/WebCore/platform/audio/mac/FFTFrameMac.cpp	2021-01-22 21:55:33 UTC (rev 271760)
+++ trunk/Source/WebCore/platform/audio/mac/FFTFrameMac.cpp	2021-01-22 22:35:25 UTC (rev 271761)
@@ -46,6 +46,15 @@
 constexpr unsigned kMinFFTPow2Size = 2;
 constexpr unsigned kMaxFFTPow2Size = 24;
 
+static Lock fftSetupsLock;
+
+static Vector<FFTSetup>& fftSetups()
+{
+    ASSERT(fftSetupsLock.isHeld());
+    static NeverDestroyed<Vector<FFTSetup>> fftSetups(kMaxFFTPow2Size, nullptr);
+    return fftSetups;
+}
+
 // Normal constructor: allocates for a given fftSize
 FFTFrame::FFTFrame(unsigned fftSize)
     : m_realData(fftSize)
@@ -122,29 +131,15 @@
     VectorMath::multiplyByScalar(data, 1.0f / m_FFTSize, data, m_FFTSize);
 }
 
-static Vector<FFTSetup>& fftSetups()
-{
-    static LazyNeverDestroyed<Vector<FFTSetup>> fftSetups;
-    static std::once_flag onceKey;
-    std::call_once(onceKey, [&] {
-        fftSetups.construct(kMaxFFTPow2Size, nullptr);
-    });
-    return fftSetups;
-}
-
 FFTSetup FFTFrame::fftSetupForSize(unsigned fftSize)
 {
-    static Lock fftSetupsLock;
-
     auto pow2size = static_cast<size_t>(log2(fftSize));
     ASSERT(pow2size < kMaxFFTPow2Size);
 
+    auto locker = holdLock(fftSetupsLock);
     auto& fftSetup = fftSetups().at(pow2size);
-    if (!fftSetup) {
-        auto locker = holdLock(fftSetupsLock);
-        if (!fftSetup)
-            fftSetup = vDSP_create_fftsetup(pow2size, FFT_RADIX2);
-    }
+    if (!fftSetup)
+        fftSetup = vDSP_create_fftsetup(pow2size, FFT_RADIX2);
 
     return fftSetup;
 }

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to