Skip to site navigation (Press enter)

[webkit-changes] [272257] branches/safari-611-branch/Source/WebCore

repstein Tue, 02 Feb 2021 17:40:29 -0800

Title: [272257] branches/safari-611-branch/Source/WebCore

Revision: 272257
Author: [email protected]
Date: 2021-02-02 17:39:50 -0800 (Tue, 02 Feb 2021)

Log Message

Cherry-pick r271761. rdar://problem/73890346


    Crash under FFTFrame::fftSetupForSize()
    https://bugs.webkit.org/show_bug.cgi?id=220866
    <rdar://73199504>

    Reviewed by Darin Adler.

    Follow-up to r271751 to address comment from Darin Adler. Stop using the double-checked
    locking pattern as it is likely not safe [1].

    [1] http://erdani.org/publications/DDJ_Jul_Aug_2004_revised.pdf

    * platform/audio/mac/FFTFrameMac.cpp:
    (WebCore::fftSetups):
    (WebCore::FFTFrame::fftSetupForSize):

    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@271761 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Modified Paths

branches/safari-611-branch/Source/WebCore/ChangeLog
branches/safari-611-branch/Source/WebCore/platform/audio/mac/FFTFrameMac.cpp

Diff

Modified: branches/safari-611-branch/Source/WebCore/ChangeLog (272256 => 272257)


--- branches/safari-611-branch/Source/WebCore/ChangeLog	2021-02-03 01:39:45 UTC (rev 272256)
+++ branches/safari-611-branch/Source/WebCore/ChangeLog	2021-02-03 01:39:50 UTC (rev 272257)
@@ -1,5 +1,44 @@
 2021-02-02  Alan Coon  <[email protected]>
 
+        Cherry-pick r271761. rdar://problem/73890346
+
+    Crash under FFTFrame::fftSetupForSize()
+    https://bugs.webkit.org/show_bug.cgi?id=220866
+    <rdar://73199504>
+    
+    Reviewed by Darin Adler.
+    
+    Follow-up to r271751 to address comment from Darin Adler. Stop using the double-checked
+    locking pattern as it is likely not safe [1].
+    
+    [1] http://erdani.org/publications/DDJ_Jul_Aug_2004_revised.pdf
+    
+    * platform/audio/mac/FFTFrameMac.cpp:
+    (WebCore::fftSetups):
+    (WebCore::FFTFrame::fftSetupForSize):
+    
+    
+    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@271761 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+    2021-01-22  Chris Dumez  <[email protected]>
+
+            Crash under FFTFrame::fftSetupForSize()
+            https://bugs.webkit.org/show_bug.cgi?id=220866
+            <rdar://73199504>
+
+            Reviewed by Darin Adler.
+
+            Follow-up to r271751 to address comment from Darin Adler. Stop using the double-checked
+            locking pattern as it is likely not safe [1].
+
+            [1] http://erdani.org/publications/DDJ_Jul_Aug_2004_revised.pdf
+
+            * platform/audio/mac/FFTFrameMac.cpp:
+            (WebCore::fftSetups):
+            (WebCore::FFTFrame::fftSetupForSize):
+
+2021-02-02  Alan Coon  <[email protected]>
+
         Cherry-pick r271760. rdar://problem/73890156
 
     AX: AT-synthesized key events for common user actions (increment/decrement) are detectably different in many ways, potentially causing both web app breakage and AT identification

Modified: branches/safari-611-branch/Source/WebCore/platform/audio/mac/FFTFrameMac.cpp (272256 => 272257)


--- branches/safari-611-branch/Source/WebCore/platform/audio/mac/FFTFrameMac.cpp	2021-02-03 01:39:45 UTC (rev 272256)
+++ branches/safari-611-branch/Source/WebCore/platform/audio/mac/FFTFrameMac.cpp	2021-02-03 01:39:50 UTC (rev 272257)
@@ -46,6 +46,15 @@
 constexpr unsigned kMinFFTPow2Size = 2;
 constexpr unsigned kMaxFFTPow2Size = 24;
 
+static Lock fftSetupsLock;
+
+static Vector<FFTSetup>& fftSetups()
+{
+    ASSERT(fftSetupsLock.isHeld());
+    static NeverDestroyed<Vector<FFTSetup>> fftSetups(kMaxFFTPow2Size, nullptr);
+    return fftSetups;
+}
+
 // Normal constructor: allocates for a given fftSize
 FFTFrame::FFTFrame(unsigned fftSize)
     : m_realData(fftSize)
@@ -122,29 +131,15 @@
     VectorMath::multiplyByScalar(data, 1.0f / m_FFTSize, data, m_FFTSize);
 }
 
-static Vector<FFTSetup>& fftSetups()
-{
-    static LazyNeverDestroyed<Vector<FFTSetup>> fftSetups;
-    static std::once_flag onceKey;
-    std::call_once(onceKey, [&] {
-        fftSetups.construct(kMaxFFTPow2Size, nullptr);
-    });
-    return fftSetups;
-}
-
 FFTSetup FFTFrame::fftSetupForSize(unsigned fftSize)
 {
-    static Lock fftSetupsLock;
-
     auto pow2size = static_cast<size_t>(log2(fftSize));
     ASSERT(pow2size < kMaxFFTPow2Size);
 
+    auto locker = holdLock(fftSetupsLock);
     auto& fftSetup = fftSetups().at(pow2size);
-    if (!fftSetup) {
-        auto locker = holdLock(fftSetupsLock);
-        if (!fftSetup)
-            fftSetup = vDSP_create_fftsetup(pow2size, FFT_RADIX2);
-    }
+    if (!fftSetup)
+        fftSetup = vDSP_create_fftsetup(pow2size, FFT_RADIX2);
 
     return fftSetup;
 }

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes