Title: [158481] trunk/Source/WebKit2
Revision: 158481
Author: timothy_hor...@apple.com
Date: 2013-11-01 19:23:00 -0700 (Fri, 01 Nov 2013)

Log Message

Remote Layer Tree: Crashes allocating incredibly large backing store for tiled backing layers
https://bugs.webkit.org/show_bug.cgi?id=123651

Reviewed by Simon Fraser.

* Shared/mac/RemoteLayerBackingStore.mm:
(RemoteLayerBackingStore::display):
(RemoteLayerBackingStore::drawInContext):
We can't dirty the whole layer if we have no existing front buffer if
we have no paints, because that will lead to layers which were never
setNeedsDisplay()'d getting backing store. Added back an assertion
that will catch this, too.

Diff

Modified: trunk/Source/WebKit2/ChangeLog (158480 => 158481)


--- trunk/Source/WebKit2/ChangeLog	2013-11-02 02:13:19 UTC (rev 158480)
+++ trunk/Source/WebKit2/ChangeLog	2013-11-02 02:23:00 UTC (rev 158481)
@@ -1,3 +1,18 @@
+2013-11-01  Tim Horton  <timothy_hor...@apple.com>
+
+        Remote Layer Tree: Crashes allocating incredibly large backing store for tiled backing layers
+        https://bugs.webkit.org/show_bug.cgi?id=123651
+
+        Reviewed by Simon Fraser.
+
+        * Shared/mac/RemoteLayerBackingStore.mm:
+        (RemoteLayerBackingStore::display):
+        (RemoteLayerBackingStore::drawInContext):
+        We can't dirty the whole layer if we have no existing front buffer if
+        we have no paints, because that will lead to layers which were never
+        setNeedsDisplay()'d getting backing store. Added back an assertion
+        that will catch this, too.
+
 2013-11-01  Dan Bernstein  <m...@apple.com>
 
         [Cocoa] WKObject seems to be initializing its target in a thread-safe manner, but really is not
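Review bot: The new entry lists only Shared/mac/RemoteLayerBackingStore.mm and names no test, so nothing in this changeset would catch a regression of the crash. If the remote layer tree can be exercised by a layout test, add one and list it here. Otherwise say in the entry why the change is untestable. The explanatory sentence "if we have no existing front buffer if we have no paints" is also hard to parse. Something like "when there is no front buffer and nothing has been painted" would say which condition guards which.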

Modified: trunk/Source/WebKit2/Shared/mac/RemoteLayerBackingStore.mm (158480 => 158481)


--- trunk/Source/WebKit2/Shared/mac/RemoteLayerBackingStore.mm	2013-11-02 02:13:19 UTC (rev 158480)
+++ trunk/Source/WebKit2/Shared/mac/RemoteLayerBackingStore.mm	2013-11-02 02:23:00 UTC (rev 158481)
@@ -192,12 +192,12 @@
         return previouslyDrewContents;
     }
 
+    if (m_dirtyRegion.isEmpty() || m_size.isEmpty())
+        return false;
+
     if (!hasFrontBuffer())
         m_dirtyRegion.unite(IntRect(IntPoint(), m_size));
 
-    if (m_dirtyRegion.isEmpty() || m_size.isEmpty())
-        return false;
-
     if (m_layer->owner()->platformCALayerShowRepaintCounter(m_layer)) {
         IntRect indicatorRect = mapToContentCoordinates(IntRect(0, 0, 52, 27));
         m_dirtyRegion.unite(indicatorRect);
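Review bot: The early return "if (m_dirtyRegion.isEmpty() || m_size.isEmpty()) return false;" is now correct only because it sits above the "if (!hasFrontBuffer())" unite, and nothing in the code records that ordering requirement. Swapping the two blocks back silently restores the behaviour this revision fixes, because the unite makes the dirty region non-empty for every layer with a non-empty size. Please add a one-line comment above the early return saying it must run before the full-layer dirtying so that layers which were never setNeedsDisplay()'d do not get backing store. Also confirm callers accept "false" for a layer that has no front buffer and an empty dirty region, since that combination used to fall through and paint.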
@@ -289,6 +289,7 @@
         case PlatformCALayer::LayerTypeRootLayer:
         case PlatformCALayer::LayerTypeAVPlayerLayer:
         case PlatformCALayer::LayerTypeCustom:
+            ASSERT_NOT_REACHED();
             break;
     };
 
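Review bot: ASSERT_NOT_REACHED() under the LayerTypeRootLayer / LayerTypeAVPlayerLayer / LayerTypeCustom cases only fires in assertion-enabled builds. In release builds these cases still hit "break" and execution continues past the switch with whatever backing store was set up. That leaves the reordered check in display() as the only release-time guard against the large allocation. If reaching drawInContext() for these layer types is always a bug, consider an explicit early return after the assertion, or a comment stating that release builds rely on display() never getting this far for them.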
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
