Mac RCTDisplayLink fix plus bonus deprecated API cleanup (#854)

ntre · web-flow · commit e877ebfe083f · 2021-10-15T14:03:17.000-07:00
Defensive changes to Mac RCTDisplayLink

Real-world data suggests crashes with this stack:
  CVDisplayLink::start()
  -[RCTDisplayLink updateJSDisplayLinkState] (RCTDisplayLink.m:157)
  -[RCTDisplayLink registerModuleForFrameUpdates:withModuleData:]_block_invoke (RCTDisplayLink.m:67)
  -[RCTTiming timerDidFire] (RCTTiming.mm:324)
  -[_RCTTimingProxy timerDidFire] (RCTTiming.mm:93)

Some symbols are missing in this stack, presumably due to compiler optimizations.
-updateJSDisplayLinkState is calling CVDisplayLinkStart as a result of a
call to "_jsDisplayLink.paused = NO".
-registerModuleForFrameUpdates block is presumably getting called via pauseCallback,
likely via [RCTTiming startTimers], presumably owned by RCTCxxBridge.

The most likely immediate explanation for the crash is that we are calling
CVDisplayLinkStart with a zombie _displayLink pointer.
However there is a lot of indirection here as well as thread-hopping, and
unfortunately no clearly incorrect code that would explain such a zombie pointer.

Some defensive changes:
-explicitly remove the association to pauseCallback when underlying display link object is invalidated.
-remove a prior attempt at additional check in updateJSDisplayLinkState itself as it is not relevant.
-make sure we explicitly set _displayLink to NULL when we release it, such that there is one less failure point.
diff --git a/React/Base/RCTDisplayLink.m b/React/Base/RCTDisplayLink.m
@@ -96,6 +96,15 @@ - (void)dealloc
 
 - (void)invalidate
 {
+  // [TODO: GH#858
+  // ensure observer callbacks do not hold a reference to weak self via pauseCallback
+  for (RCTModuleData *moduleData in _frameUpdateObservers) {
+    id<RCTFrameUpdateObserver> observer = (id<RCTFrameUpdateObserver>)moduleData.instance;
+    [observer setPauseCallback:nil];
+  }
+  [_frameUpdateObservers removeAllObjects];	// just to be explicit
+  // TODO: GH#858]
+
   [_jsDisplayLink invalidate];
 }
 
@@ -146,9 +155,7 @@ - (void)updateJSDisplayLinkState
   BOOL pauseDisplayLink = YES;
   for (RCTModuleData *moduleData in _frameUpdateObservers) {
     id<RCTFrameUpdateObserver> observer = (id<RCTFrameUpdateObserver>)moduleData.instance;
-    BOOL validObserverProtocol = [observer conformsToProtocol:@protocol(RCTFrameUpdateObserver)]; // [TODO: GH#774- add protocol check before accessing data
-    RCTAssert(validObserverProtocol, @"Observer does not conform to necessary protocol (RCTFrameUpdateObserver)");
-    if (validObserverProtocol && !observer.paused) { // TODO: GH#774- add protocol check before accessing data]
+    if (!observer.paused) {
       pauseDisplayLink = NO;
       break;
     }
diff --git a/React/Base/macOS/RCTPlatformDisplayLink.m b/React/Base/macOS/RCTPlatformDisplayLink.m
@@ -65,6 +65,7 @@ - (void)dealloc
   if (_displayLink != NULL) {
     CVDisplayLinkStop(_displayLink);
     CVDisplayLinkRelease(_displayLink);
+    _displayLink = NULL;
   }
 }
 

Original file line number	Diff line number	Diff line change
`@@ -65,6 +65,7 @@ - (void)dealloc`
`65`	`65`	`if (_displayLink != NULL) {`
`66`	`66`	`CVDisplayLinkStop(_displayLink);`
`67`	`67`	`CVDisplayLinkRelease(_displayLink);`
	`68`	`+ _displayLink = NULL;`
`68`	`69`	`}`
`69`	`70`	`}`
`70`	`71`