Title: [295176] branches/safari-613-branch/Source/WebKit
- Revision
- 295176
- Author
- alanc...@apple.com
- Date
- 2022-06-02 23:45:08 -0700 (Thu, 02 Jun 2022)
Log Message
Apply patch. rdar://problem/88904160
Modified Paths
Diff
Modified: branches/safari-613-branch/Source/WebKit/ChangeLog (295175 => 295176)
--- branches/safari-613-branch/Source/WebKit/ChangeLog 2022-06-03 06:45:05 UTC (rev 295175)
+++ branches/safari-613-branch/Source/WebKit/ChangeLog 2022-06-03 06:45:08 UTC (rev 295176)
@@ -1,5 +1,58 @@
2022-04-22 Kimmo Kinnunen <kkinnu...@apple.com>
+ Multiple concurrency violations in LibWebRTCCodecsProxy
+ https://bugs.webkit.org/show_bug.cgi?id=236767
+ <rdar://88904160>
+
+ Reviewed by Antti Koivisto.
+
+ - ThreadMessageReceivers should not add IPC listeners in constructors,
+ as the delivery starts right away and uses the unconstructed virtual pointer.
+ - The work queue functions should not use GPUConnectionToWebProcess, as that is
+ main thread object.
+ - Locked m_encoders, m_decoders are sometimes accessed without lock.
+
+ Instead:
+ - Add the IPC listeners in initialize function.
+ - Remove the IPC listeners when GPUConnectionToWebProcess disconnects.
+ - Store the thread-safe conection, video frame object heap, process identity
+ objects as member variables.
+ - Do not lock m_encoders, m_decoders. If they are work queue instances,
+ just access them in the work queue functions. Add thread requirements
+ to the variables so that the compiler checks the access.
+ - Use IPC testing assertions when skipping incorrect messages.
+ - Use separate atomic counter (bool) to check if allowsExitUnderMemoryPressure.
+
+ No new tests, tested with existing tests and ASAN.
+
+ * GPUProcess/GPUConnectionToWebProcess.cpp:
+ (WebKit::GPUConnectionToWebProcess::~GPUConnectionToWebProcess):
+ (WebKit::GPUConnectionToWebProcess::didClose):
+ * GPUProcess/GPUConnectionToWebProcess.h:
+ * GPUProcess/webrtc/LibWebRTCCodecsProxy.h:
+ * GPUProcess/webrtc/LibWebRTCCodecsProxy.mm:
+ (WebKit::LibWebRTCCodecsProxy::create):
+ (WebKit::LibWebRTCCodecsProxy::LibWebRTCCodecsProxy):
+ (WebKit::LibWebRTCCodecsProxy::stopListeningForIPC):
+ (WebKit::LibWebRTCCodecsProxy::initialize):
+ (WebKit::LibWebRTCCodecsProxy::dispatchToThread):
+ (WebKit::LibWebRTCCodecsProxy::createDecoderCallback):
+ (WebKit::LibWebRTCCodecsProxy::createH264Decoder):
+ (WebKit::LibWebRTCCodecsProxy::createH265Decoder):
+ (WebKit::LibWebRTCCodecsProxy::createVP9Decoder):
+ (WebKit::LibWebRTCCodecsProxy::releaseDecoder):
+ (WebKit::LibWebRTCCodecsProxy::createEncoder):
+ (WebKit::LibWebRTCCodecsProxy::releaseEncoder):
+ (WebKit::LibWebRTCCodecsProxy::initializeEncoder):
+ (WebKit::LibWebRTCCodecsProxy::findEncoder):
+ (WebKit::LibWebRTCCodecsProxy::encodeFrame):
+ (WebKit::LibWebRTCCodecsProxy::setEncodeRates):
+ (WebKit::LibWebRTCCodecsProxy::setSharedVideoFrameSemaphore):
+ (WebKit::LibWebRTCCodecsProxy::setSharedVideoFrameMemory):
+ (WebKit::LibWebRTCCodecsProxy::allowsExitUnderMemoryPressure const):
+
+2022-04-22 Kimmo Kinnunen <kkinnu...@apple.com>
+
Thread safety analysis to assert "code is run sequentially" is not useful when code is mainly run with WorkQueues
https://bugs.webkit.org/show_bug.cgi?id=236832
Modified: branches/safari-613-branch/Source/WebKit/GPUProcess/graphics/RemoteGraphicsContextGL.cpp (295175 => 295176)
--- branches/safari-613-branch/Source/WebKit/GPUProcess/graphics/RemoteGraphicsContextGL.cpp 2022-06-03 06:45:05 UTC (rev 295175)
+++ branches/safari-613-branch/Source/WebKit/GPUProcess/graphics/RemoteGraphicsContextGL.cpp 2022-06-03 06:45:08 UTC (rev 295176)
@@ -252,7 +252,7 @@
void RemoteGraphicsContextGL::copyTextureFromMedia(WebCore::MediaPlayerIdentifier mediaPlayerIdentifier, uint32_t texture, uint32_t target, int32_t level, uint32_t internalFormat, uint32_t format, uint32_t type, bool premultiplyAlpha, bool flipY, CompletionHandler<void(bool)>&& completionHandler)
{
- assertIsCurrent(m_workQueue());
+ assertIsCurrent(workQueue());
#if USE(AVFOUNDATION)
UNUSED_VARIABLE(premultiplyAlpha);
ASSERT_UNUSED(target, target == GraphicsContextGL::TEXTURE_2D);
Modified: branches/safari-613-branch/Source/WebKit/GPUProcess/webrtc/LibWebRTCCodecsProxy.h (295175 => 295176)
--- branches/safari-613-branch/Source/WebKit/GPUProcess/webrtc/LibWebRTCCodecsProxy.h 2022-06-03 06:45:05 UTC (rev 295175)
+++ branches/safari-613-branch/Source/WebKit/GPUProcess/webrtc/LibWebRTCCodecsProxy.h 2022-06-03 06:45:08 UTC (rev 295176)
@@ -31,6 +31,7 @@
#include "DataReference.h"
#include "RTCDecoderIdentifier.h"
#include "RTCEncoderIdentifier.h"
+#include <WebCore/ProcessIdentity.h>
#include <atomic>
#include <wtf/ThreadAssertions.h>
@@ -87,8 +88,10 @@
CFDictionaryRef ioSurfacePixelBufferCreationOptions(IOSurfaceRef);
+ Ref<IPC::Connection> m_connection;
+ Ref<WorkQueue> m_queue;
+ const WebCore::ProcessIdentity m_resourceOwner;
- Ref<WorkQueue> m_queue;
HashMap<RTCDecoderIdentifier, webrtc::LocalDecoder> m_decoders WTF_GUARDED_BY_LOCK(workQueue());
HashMap<RTCEncoderIdentifier, webrtc::LocalEncoder> m_encoders WTF_GUARDED_BY_LOCK(workQueue());
std::atomic<bool> m_hasEncodersOrDecoders { false };
Modified: branches/safari-613-branch/Source/WebKit/GPUProcess/webrtc/LibWebRTCCodecsProxy.mm (295175 => 295176)
--- branches/safari-613-branch/Source/WebKit/GPUProcess/webrtc/LibWebRTCCodecsProxy.mm 2022-06-03 06:45:05 UTC (rev 295175)
+++ branches/safari-613-branch/Source/WebKit/GPUProcess/webrtc/LibWebRTCCodecsProxy.mm 2022-06-03 06:45:08 UTC (rev 295176)
@@ -37,6 +37,7 @@
#import <WebCore/CVUtilities.h>
#import <WebCore/LibWebRTCProvider.h>
#import <WebCore/RemoteVideoSample.h>
+#import <WebCore/MediaSampleAVFObjC.h>
#import <webrtc/sdk/WebKit/WebKitDecoder.h>
#import <webrtc/sdk/WebKit/WebKitEncoder.h>
#import <wtf/BlockPtr.h>
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
