Title: [267772] trunk/Source/WebKit
- Revision
- 267772
- Author
- wenson_hs...@apple.com
- Date
- 2020-09-29 16:38:18 -0700 (Tue, 29 Sep 2020)
Log Message
[GPU Process] RemoteImageBufferProxy should ensure the state stack of the context is cleared before destruction
https://bugs.webkit.org/show_bug.cgi?id=208876
Reviewed by Tim Horton.
When running canvas layout tests in debug WebKit, the assertion in `~GraphicsContext()` which verifies that
`m_stack.isEmpty()` fires. This occurs because the matching call to restore may still be buffered in the web
process when the remote image buffer proxy in the GPU process is destroyed; however, this may also occur if the
web process terminates without having sent the matching calls to restore the graphics context.
We can fix both of these scenarios by manually unwinding the context's state stack when destroying the
`RemoteImageBufferProxy`. Original patch by Said Abou-Hallawa.
* GPUProcess/graphics/RemoteImageBufferProxy.h:
(WebKit::RemoteImageBufferProxy::~RemoteImageBufferProxy):
Modified Paths
Diff
Modified: trunk/Source/WebKit/ChangeLog (267771 => 267772)
--- trunk/Source/WebKit/ChangeLog 2020-09-29 23:35:37 UTC (rev 267771)
+++ trunk/Source/WebKit/ChangeLog 2020-09-29 23:38:18 UTC (rev 267772)
@@ -1,3 +1,21 @@
+2020-09-29 Wenson Hsieh <wenson_hs...@apple.com>
+
+ [GPU Process] RemoteImageBufferProxy should ensure the state stack of the context is cleared before destruction
+ https://bugs.webkit.org/show_bug.cgi?id=208876
+
+ Reviewed by Tim Horton.
+
+ When running canvas layout tests in debug WebKit, the assertion in `~GraphicsContext()` which verifies that
+ `m_stack.isEmpty()` fires. This occurs because the matching call to restore may still be buffered in the web
+ process when the remote image buffer proxy in the GPU process is destroyed; however, this may also occur if the
+ web process terminates without having sent the matching calls to restore the graphics context.
+
+ We can fix both of these scenarios by manually unwinding the context's state stack when destroying the
+ `RemoteImageBufferProxy`. Original patch by Said Abou-Hallawa.
+
+ * GPUProcess/graphics/RemoteImageBufferProxy.h:
+ (WebKit::RemoteImageBufferProxy::~RemoteImageBufferProxy):
+
2020-09-29 Stephan Szabo <stephan.sz...@sony.com>
[PlayStation] Build fix for GPU Process after r267725
Modified: trunk/Source/WebKit/GPUProcess/graphics/RemoteImageBufferProxy.h (267771 => 267772)
--- trunk/Source/WebKit/GPUProcess/graphics/RemoteImageBufferProxy.h 2020-09-29 23:35:37 UTC (rev 267771)
+++ trunk/Source/WebKit/GPUProcess/graphics/RemoteImageBufferProxy.h 2020-09-29 23:38:18 UTC (rev 267772)
@@ -36,6 +36,7 @@
template<typename BackendType>
class RemoteImageBufferProxy : public WebCore::ConcreteImageBuffer<BackendType>, public RemoteImageBufferMessageHandlerProxy, public WebCore::DisplayList::Replayer::Delegate {
using BaseConcreteImageBuffer = WebCore::ConcreteImageBuffer<BackendType>;
+ using BaseConcreteImageBuffer::context;
using BaseConcreteImageBuffer::m_backend;
public:
@@ -51,6 +52,14 @@
createBackend(m_backend->logicalSize(), m_backend->backendSize(), m_backend->resolutionScale(), m_backend->colorSpace(), m_backend->createImageBufferBackendHandle());
}
+ ~RemoteImageBufferProxy()
+ {
+ // Unwind the context's state stack before destruction, since calls to restore may not have
+ // been flushed yet, or the web process may have terminated.
+ while (context().stackSize())
+ context().restore();
+ }
+
private:
using BaseConcreteImageBuffer::flushDrawingContext;
using BaseConcreteImageBuffer::putImageData;
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
