Title: [282929] branches/safari-612-branch
- Revision
- 282929
- Author
- repst...@apple.com
- Date
- 2021-09-22 22:13:37 -0700 (Wed, 22 Sep 2021)
Log Message
Cherry-pick r281613. rdar://problem/83429969
Crash in GraphicsContextGLOpenGL::reshapeDisplayBufferBacking
https://bugs.webkit.org/show_bug.cgi?id=229309
Patch by Alex Christensen <achristen...@webkit.org> on 2021-08-25
Reviewed by Myles C. Maxfield.
Source/WebCore:
Test: fast/canvas/xr-compatible-crash.html
Null check m_swapChain because reshapeDisplayBufferBacking can be called before it is set.
* html/canvas/WebGLRenderingContextBase.cpp:
(WebCore::WebGLRenderingContextBase::addContextObject):
* platform/graphics/angle/GraphicsContextGLANGLE.cpp:
(WebCore::GraphicsContextGLOpenGL::reshapeFBOs):
* platform/graphics/cocoa/GraphicsContextGLOpenGLCocoa.mm:
(WebCore::GraphicsContextGLOpenGL::reshapeDisplayBufferBacking):
LayoutTests:
* fast/canvas/xr-compatible-crash.html: Added.
* fast/canvas/xr-compatible-crash-expected.txt: Added.
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@281613 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Modified Paths
Added Paths
Diff
Modified: branches/safari-612-branch/LayoutTests/ChangeLog (282928 => 282929)
--- branches/safari-612-branch/LayoutTests/ChangeLog 2021-09-23 05:13:33 UTC (rev 282928)
+++ branches/safari-612-branch/LayoutTests/ChangeLog 2021-09-23 05:13:37 UTC (rev 282929)
@@ -1,5 +1,45 @@
2021-09-22 Alan Coon <alanc...@apple.com>
+ Cherry-pick r281613. rdar://problem/83429969
+
+ Crash in GraphicsContextGLOpenGL::reshapeDisplayBufferBacking
+ https://bugs.webkit.org/show_bug.cgi?id=229309
+
+ Patch by Alex Christensen <achristen...@webkit.org> on 2021-08-25
+ Reviewed by Myles C. Maxfield.
+
+ Source/WebCore:
+
+ Test: fast/canvas/xr-compatible-crash.html
+
+ Null check m_swapChain because reshapeDisplayBufferBacking can be called before it is set.
+
+ * html/canvas/WebGLRenderingContextBase.cpp:
+ (WebCore::WebGLRenderingContextBase::addContextObject):
+ * platform/graphics/angle/GraphicsContextGLANGLE.cpp:
+ (WebCore::GraphicsContextGLOpenGL::reshapeFBOs):
+ * platform/graphics/cocoa/GraphicsContextGLOpenGLCocoa.mm:
+ (WebCore::GraphicsContextGLOpenGL::reshapeDisplayBufferBacking):
+
+ LayoutTests:
+
+ * fast/canvas/xr-compatible-crash.html: Added.
+ * fast/canvas/xr-compatible-crash-expected.txt: Added.
+
+ git-svn-id: https://svn.webkit.org/repository/webkit/trunk@281613 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+ 2021-08-25 Alex Christensen <achristen...@webkit.org>
+
+ Crash in GraphicsContextGLOpenGL::reshapeDisplayBufferBacking
+ https://bugs.webkit.org/show_bug.cgi?id=229309
+
+ Reviewed by Myles C. Maxfield.
+
+ * fast/canvas/xr-compatible-crash.html: Added.
+ * fast/canvas/xr-compatible-crash-expected.txt: Added.
+
+2021-09-22 Alan Coon <alanc...@apple.com>
+
Cherry-pick r281431. rdar://problem/83429553
Report correct blocked URI in CSP violation report
Added: branches/safari-612-branch/LayoutTests/fast/canvas/xr-compatible-crash-expected.txt (0 => 282929)
--- branches/safari-612-branch/LayoutTests/fast/canvas/xr-compatible-crash-expected.txt (rev 0)
+++ branches/safari-612-branch/LayoutTests/fast/canvas/xr-compatible-crash-expected.txt 2021-09-23 05:13:37 UTC (rev 282929)
@@ -0,0 +1 @@
+This test passes if it does not crash.
Added: branches/safari-612-branch/LayoutTests/fast/canvas/xr-compatible-crash.html (0 => 282929)
--- branches/safari-612-branch/LayoutTests/fast/canvas/xr-compatible-crash.html (rev 0)
+++ branches/safari-612-branch/LayoutTests/fast/canvas/xr-compatible-crash.html 2021-09-23 05:13:37 UTC (rev 282929)
@@ -0,0 +1,8 @@
+This test passes if it does not crash.
+<script>
+ if (window.testRunner) {
+ testRunner.dumpAsText();
+ }
+ in_canvas = document.body.appendChild(document.createElement('canvas'));
+ webgl = in_canvas.getContext('webgl', { xrCompatible: true });
+</script>
Modified: branches/safari-612-branch/Source/WebCore/ChangeLog (282928 => 282929)
--- branches/safari-612-branch/Source/WebCore/ChangeLog 2021-09-23 05:13:33 UTC (rev 282928)
+++ branches/safari-612-branch/Source/WebCore/ChangeLog 2021-09-23 05:13:37 UTC (rev 282929)
@@ -1,5 +1,53 @@
2021-09-22 Alan Coon <alanc...@apple.com>
+ Cherry-pick r281613. rdar://problem/83429969
+
+ Crash in GraphicsContextGLOpenGL::reshapeDisplayBufferBacking
+ https://bugs.webkit.org/show_bug.cgi?id=229309
+
+ Patch by Alex Christensen <achristen...@webkit.org> on 2021-08-25
+ Reviewed by Myles C. Maxfield.
+
+ Source/WebCore:
+
+ Test: fast/canvas/xr-compatible-crash.html
+
+ Null check m_swapChain because reshapeDisplayBufferBacking can be called before it is set.
+
+ * html/canvas/WebGLRenderingContextBase.cpp:
+ (WebCore::WebGLRenderingContextBase::addContextObject):
+ * platform/graphics/angle/GraphicsContextGLANGLE.cpp:
+ (WebCore::GraphicsContextGLOpenGL::reshapeFBOs):
+ * platform/graphics/cocoa/GraphicsContextGLOpenGLCocoa.mm:
+ (WebCore::GraphicsContextGLOpenGL::reshapeDisplayBufferBacking):
+
+ LayoutTests:
+
+ * fast/canvas/xr-compatible-crash.html: Added.
+ * fast/canvas/xr-compatible-crash-expected.txt: Added.
+
+ git-svn-id: https://svn.webkit.org/repository/webkit/trunk@281613 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+ 2021-08-25 Alex Christensen <achristen...@webkit.org>
+
+ Crash in GraphicsContextGLOpenGL::reshapeDisplayBufferBacking
+ https://bugs.webkit.org/show_bug.cgi?id=229309
+
+ Reviewed by Myles C. Maxfield.
+
+ Test: fast/canvas/xr-compatible-crash.html
+
+ Null check m_swapChain because reshapeDisplayBufferBacking can be called before it is set.
+
+ * html/canvas/WebGLRenderingContextBase.cpp:
+ (WebCore::WebGLRenderingContextBase::addContextObject):
+ * platform/graphics/angle/GraphicsContextGLANGLE.cpp:
+ (WebCore::GraphicsContextGLOpenGL::reshapeFBOs):
+ * platform/graphics/cocoa/GraphicsContextGLOpenGLCocoa.mm:
+ (WebCore::GraphicsContextGLOpenGL::reshapeDisplayBufferBacking):
+
+2021-09-22 Alan Coon <alanc...@apple.com>
+
Cherry-pick r281431. rdar://problem/83429553
Report correct blocked URI in CSP violation report
Modified: branches/safari-612-branch/Source/WebCore/html/canvas/WebGLRenderingContextBase.cpp (282928 => 282929)
--- branches/safari-612-branch/Source/WebCore/html/canvas/WebGLRenderingContextBase.cpp 2021-09-23 05:13:33 UTC (rev 282928)
+++ branches/safari-612-branch/Source/WebCore/html/canvas/WebGLRenderingContextBase.cpp 2021-09-23 05:13:37 UTC (rev 282929)
@@ -6336,7 +6336,6 @@
if (m_isPendingPolicyResolution)
return;
- ASSERT(!isContextLost());
m_contextObjects.add(&object);
}
Modified: branches/safari-612-branch/Source/WebCore/platform/graphics/angle/GraphicsContextGLANGLE.cpp (282928 => 282929)
--- branches/safari-612-branch/Source/WebCore/platform/graphics/angle/GraphicsContextGLANGLE.cpp 2021-09-23 05:13:33 UTC (rev 282928)
+++ branches/safari-612-branch/Source/WebCore/platform/graphics/angle/GraphicsContextGLANGLE.cpp 2021-09-23 05:13:37 UTC (rev 282929)
@@ -149,7 +149,6 @@
// resize regular FBO
gl::BindFramebuffer(GL_FRAMEBUFFER, m_fbo);
- ASSERT(m_texture);
#if PLATFORM(COCOA)
if (!reshapeDisplayBufferBacking()) {
Modified: branches/safari-612-branch/Source/WebCore/platform/graphics/cocoa/GraphicsContextGLOpenGLCocoa.mm (282928 => 282929)
--- branches/safari-612-branch/Source/WebCore/platform/graphics/cocoa/GraphicsContextGLOpenGLCocoa.mm 2021-09-23 05:13:33 UTC (rev 282928)
+++ branches/safari-612-branch/Source/WebCore/platform/graphics/cocoa/GraphicsContextGLOpenGLCocoa.mm 2021-09-23 05:13:37 UTC (rev 282929)
@@ -621,10 +621,12 @@
m_displayBufferPbuffer = EGL_NO_SURFACE;
}
// Reset the future recycled buffer now, because it most likely will not be reusable at the time it will be reused.
- auto recycledBuffer = m_swapChain->recycleBuffer();
- if (recycledBuffer.handle)
- EGL_DestroySurface(m_displayObj, recycledBuffer.handle);
- recycledBuffer.surface.reset();
+ if (m_swapChain) {
+ auto recycledBuffer = m_swapChain->recycleBuffer();
+ if (recycledBuffer.handle)
+ EGL_DestroySurface(m_displayObj, recycledBuffer.handle);
+ recycledBuffer.surface.reset();
+ }
return allocateAndBindDisplayBufferBacking();
}
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes