Title: [283246] branches/safari-612.2.9.1-branch/Source/WebKit
Revision
283246
Author
[email protected]
Date
2021-09-29 12:17:59 -0700 (Wed, 29 Sep 2021)

Log Message

Cherry-pick r283209. rdar://problem/83681911

    Crash in WebKit::DisplayLink::displayLinkCallback()
    https://bugs.webkit.org/show_bug.cgi?id=230917
    <rdar://82528370>

    Reviewed by Tim Horton.

    We have evidence of a divide-by-zero crash in DisplayLink::notifyObserversDisplayWasRefreshed()
    where m_currentUpdate.updatesPerSecond is zero. The only way I can see this happening
    is if DisplayLink::DisplayLink() returns early, which should log. Protect against
    this by initializing m_displayNominalFramesPerSecond to 60, and do another check,
    with a log, in DisplayLink::addObserver() before we use m_displayNominalFramesPerSecond
    for the first time.

    Convert the logging to RELEASE_LOG_FAULT reports.

    * UIProcess/mac/DisplayLink.cpp:
    (WebKit::DisplayLink::DisplayLink):
    (WebKit::DisplayLink::addObserver):
    * UIProcess/mac/DisplayLink.h:

    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@283209 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Modified Paths

Diff

Modified: branches/safari-612.2.9.1-branch/Source/WebKit/ChangeLog (283245 => 283246)


--- branches/safari-612.2.9.1-branch/Source/WebKit/ChangeLog	2021-09-29 19:17:55 UTC (rev 283245)
+++ branches/safari-612.2.9.1-branch/Source/WebKit/ChangeLog	2021-09-29 19:17:59 UTC (rev 283246)
@@ -1,5 +1,54 @@
 2021-09-29  Alan Coon  <[email protected]>
 
+        Cherry-pick r283209. rdar://problem/83681911
+
+    Crash in WebKit::DisplayLink::displayLinkCallback()
+    https://bugs.webkit.org/show_bug.cgi?id=230917
+    <rdar://82528370>
+    
+    Reviewed by Tim Horton.
+    
+    We have evidence of a divide-by-zero crash in DisplayLink::notifyObserversDisplayWasRefreshed()
+    where m_currentUpdate.updatesPerSecond is zero. The only way I can see this happening
+    is if DisplayLink::DisplayLink() returns early, which should log. Protect against
+    this by initializing m_displayNominalFramesPerSecond to 60, and do another check,
+    with a log, in DisplayLink::addObserver() before we use m_displayNominalFramesPerSecond
+    for the first time.
+    
+    Convert the logging to RELEASE_LOG_FAULT reports.
+    
+    * UIProcess/mac/DisplayLink.cpp:
+    (WebKit::DisplayLink::DisplayLink):
+    (WebKit::DisplayLink::addObserver):
+    * UIProcess/mac/DisplayLink.h:
+    
+    
+    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@283209 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+    2021-09-28  Simon Fraser  <[email protected]>
+
+            Crash in WebKit::DisplayLink::displayLinkCallback()
+            https://bugs.webkit.org/show_bug.cgi?id=230917
+            <rdar://82528370>
+
+            Reviewed by Tim Horton.
+
+            We have evidence of a divide-by-zero crash in DisplayLink::notifyObserversDisplayWasRefreshed()
+            where m_currentUpdate.updatesPerSecond is zero. The only way I can see this happening
+            is if DisplayLink::DisplayLink() returns early, which should log. Protect against
+            this by initializing m_displayNominalFramesPerSecond to 60, and do another check,
+            with a log, in DisplayLink::addObserver() before we use m_displayNominalFramesPerSecond
+            for the first time.
+
+            Convert the logging to RELEASE_LOG_FAULT reports.
+
+            * UIProcess/mac/DisplayLink.cpp:
+            (WebKit::DisplayLink::DisplayLink):
+            (WebKit::DisplayLink::addObserver):
+            * UIProcess/mac/DisplayLink.h:
+
+2021-09-29  Alan Coon  <[email protected]>
+
         Cherry-pick r283156. rdar://problem/83681765
 
     Vorbis decoder can't be instantiated - Remove workaround added in bug 228139

Modified: branches/safari-612.2.9.1-branch/Source/WebKit/UIProcess/mac/DisplayLink.cpp (283245 => 283246)


--- branches/safari-612.2.9.1-branch/Source/WebKit/UIProcess/mac/DisplayLink.cpp	2021-09-29 19:17:55 UTC (rev 283245)
+++ branches/safari-612.2.9.1-branch/Source/WebKit/UIProcess/mac/DisplayLink.cpp	2021-09-29 19:17:59 UTC (rev 283246)
@@ -48,13 +48,13 @@
     ASSERT(hasProcessPrivilege(ProcessPrivilege::CanCommunicateWithWindowServer));
     CVReturn error = CVDisplayLinkCreateWithCGDisplay(displayID, &m_displayLink);
     if (error) {
-        WTFLogAlways("Could not create a display link for display %u: error %d", displayID, error);
+        RELEASE_LOG_FAULT(DisplayLink, "Could not create a display link for display %u: error %d", displayID, error);
         return;
     }
     
     error = CVDisplayLinkSetOutputCallback(m_displayLink, displayLinkCallback, this);
     if (error) {
-        WTFLogAlways("Could not set the display link output callback for display %u: error %d", displayID, error);
+        RELEASE_LOG_FAULT(DisplayLink, "DisplayLink: Could not set the display link output callback for display %u: error %d", displayID, error);
         return;
     }
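Review bot: The new RELEASE_LOG_FAULT messages in this constructor use inconsistent prefixes: the first one reads "Could not create a display link…" while the second (and the ones added in addObserver below) start with "DisplayLink: ". Either drop the prefix everywhere, since the DisplayLink log channel already names the source, or add it here for consistency: `RELEASE_LOG_FAULT(DisplayLink, "DisplayLink: Could not create a display link for display %u: error %d", displayID, error);`. The constructor starts before this hunk and continues after it, so whatever state the early returns leave behind is not visible here; the commit description says this early-return path is what the addObserver guard is meant to cover.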
 
@@ -103,8 +103,13 @@
         LOG_WITH_STREAM(DisplayLink, stream << "[UI ] DisplayLink for display " << m_displayID << " starting CVDisplayLink with fps " << m_displayNominalFramesPerSecond);
         CVReturn error = CVDisplayLinkStart(m_displayLink);
         if (error)
-            WTFLogAlways("Could not start the display link: %d", error);
+            RELEASE_LOG_FAULT(DisplayLink, "DisplayLink: Could not start the display link: %d", error);
 
+        if (!m_displayNominalFramesPerSecond) {
+            RELEASE_LOG_FAULT(DisplayLink, "DisplayLink: displayNominalFramesPerSecond is 0, using %d", WebCore::FullSpeedFramesPerSecond);
+            m_displayNominalFramesPerSecond = WebCore::FullSpeedFramesPerSecond;
+        };
+
         m_currentUpdate = { 0, m_displayNominalFramesPerSecond };
     }
 }
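Review bot: The closing brace of the new guard is written as `};`, leaving a stray empty statement that compilers flag under -Wextra-semi-stmt; it should be `}`. The format specifier may also be mismatched: `%d` is used for WebCore::FullSpeedFramesPerSecond while the displayID log in the constructor uses `%u`, so if FramesPerSecond is an unsigned type, `%u` is the matching specifier. Since the guard sits after CVDisplayLinkStart() and cannot distinguish a failed constructor (the case the commit describes) from a display that reports a 0 nominal rate, a comment stating why the fallback lives here would help the next reader: `// Never let m_currentUpdate carry a zero updatesPerSecond: notifyObserversDisplayWasRefreshed() divides by it.` addObserver() begins before this hunk.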

Modified: branches/safari-612.2.9.1-branch/Source/WebKit/UIProcess/mac/DisplayLink.h (283245 => 283246)


--- branches/safari-612.2.9.1-branch/Source/WebKit/UIProcess/mac/DisplayLink.h	2021-09-29 19:17:55 UTC (rev 283245)
+++ branches/safari-612.2.9.1-branch/Source/WebKit/UIProcess/mac/DisplayLink.h	2021-09-29 19:17:59 UTC (rev 283246)
@@ -87,7 +87,7 @@
     Lock m_observersLock;
     HashMap<IPC::Connection::UniqueID, ConnectionClientInfo> m_observers WTF_GUARDED_BY_LOCK(m_observersLock);
     WebCore::PlatformDisplayID m_displayID;
-    WebCore::FramesPerSecond m_displayNominalFramesPerSecond { 0 };
+    WebCore::FramesPerSecond m_displayNominalFramesPerSecond { WebCore::FullSpeedFramesPerSecond };
     WebCore::DisplayUpdate m_currentUpdate;
     unsigned m_fireCountWithoutObservers { 0 };
     static bool shouldSendIPCOnBackgroundQueue;