Title: [287775] trunk/Source/WebKit
Revision: 287775
Author: mmaxfi...@apple.com
Date: 2022-01-07 11:57:05 -0800 (Fri, 07 Jan 2022)

Log Message

Web process shouldn't crash if ImageBuffer::ensureBackendCreated() fails
https://bugs.webkit.org/show_bug.cgi?id=232520
<rdar://problem/84829717>

Reviewed by Simon Fraser.

Guard against the possibility of it returning null.

No new tests because there shouldn't be any behavior change after https://bugs.webkit.org/show_bug.cgi?id=232470.
It's still good to do this, though, to be defensive.

* Shared/RemoteLayerTree/RemoteLayerBackingStore.mm:
(WebKit::RemoteLayerBackingStore::encode const):
* WebProcess/GPU/graphics/RemoteImageBufferProxy.h:
(WebKit::RemoteImageBufferProxy::createImageBufferBackendHandle):

Modified Paths

Diff

Modified: trunk/Source/WebKit/ChangeLog (287774 => 287775)


--- trunk/Source/WebKit/ChangeLog	2022-01-07 19:48:43 UTC (rev 287774)
+++ trunk/Source/WebKit/ChangeLog	2022-01-07 19:57:05 UTC (rev 287775)
@@ -1,3 +1,21 @@
+2021-10-30  Myles C. Maxfield  <mmaxfi...@apple.com>
+
+        Web process shouldn't crash if ImageBuffer::ensureBackendCreated() fails
+        https://bugs.webkit.org/show_bug.cgi?id=232520
+        <rdar://problem/84829717>
+
+        Reviewed by Simon Fraser.
+
+        Guard against the possibility of it returning null.
+
+        No new tests because there shouldn't be any behavior change after https://bugs.webkit.org/show_bug.cgi?id=232470.
+        It's still good to do this, though, to be defensive.
+
+        * Shared/RemoteLayerTree/RemoteLayerBackingStore.mm:
+        (WebKit::RemoteLayerBackingStore::encode const):
+        * WebProcess/GPU/graphics/RemoteImageBufferProxy.h:
+        (WebKit::RemoteImageBufferProxy::createImageBufferBackendHandle):
+
 2022-01-07  Myles C. Maxfield  <mmaxfi...@apple.com>
 
         ImageBuffer with floating point logicalSize() paints into a slightly truncated destination rect
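
Review bot: The new ChangeLog entry is dated 2021-10-30 (`+2021-10-30  Myles C. Maxfield`) but lands in rev 287775 on 2022-01-07, directly above an entry dated 2022-01-07. Update the entry date to the landing date so the ChangeLog stays in chronological order and matches the revision.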

Modified: trunk/Source/WebKit/Shared/RemoteLayerTree/RemoteLayerBackingStore.mm (287774 => 287775)


--- trunk/Source/WebKit/Shared/RemoteLayerTree/RemoteLayerBackingStore.mm	2022-01-07 19:48:43 UTC (rev 287774)
+++ trunk/Source/WebKit/Shared/RemoteLayerTree/RemoteLayerBackingStore.mm	2022-01-07 19:57:05 UTC (rev 287775)
@@ -122,13 +122,16 @@
     } else if (m_frontBuffer.imageBuffer) {
         switch (m_type) {
         case Type::IOSurface:
-            if (m_frontBuffer.imageBuffer->canMapBackingStore())
-                handle = static_cast<AcceleratedImageBufferShareableMappedBackend&>(*m_frontBuffer.imageBuffer->ensureBackendCreated()).createImageBufferBackendHandle();
-            else
-                handle = static_cast<AcceleratedImageBufferShareableBackend&>(*m_frontBuffer.imageBuffer->ensureBackendCreated()).createImageBufferBackendHandle();
+            if (auto* backend = m_frontBuffer.imageBuffer->ensureBackendCreated()) {
+                if (m_frontBuffer.imageBuffer->canMapBackingStore())
+                    handle = static_cast<AcceleratedImageBufferShareableMappedBackend&>(*backend).createImageBufferBackendHandle();
+                else
+                    handle = static_cast<AcceleratedImageBufferShareableBackend&>(*backend).createImageBufferBackendHandle();
+            }
             break;
         case Type::Bitmap:
-            handle = static_cast<UnacceleratedImageBufferShareableBackend&>(*m_frontBuffer.imageBuffer->ensureBackendCreated()).createImageBufferBackendHandle();
+            if (auto* backend = m_frontBuffer.imageBuffer->ensureBackendCreated())
+                handle = static_cast<UnacceleratedImageBufferShareableBackend&>(*backend).createImageBufferBackendHandle();
             break;
         }
     }
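
Review bot: In both the `Type::IOSurface` and `Type::Bitmap` cases, a null return from `ensureBackendCreated()` now leaves `handle` unassigned with no log or assertion, so a failed backend creation looks the same as having no front buffer to whatever consumes `handle` after this switch. Consider logging the failure in the null branch and confirming that the consumer accepts an unset handle. Separately, the `static_cast` to the concrete backend type is still selected only from `m_type` and `canMapBackingStore()`; a short comment stating why those guarantee the dynamic type of `*backend` would help future readers.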
@@ -137,8 +140,10 @@
 
 #if ENABLE(CG_DISPLAY_LIST_BACKED_IMAGE_BUFFER)
     std::optional<ImageBufferBackendHandle> displayListHandle;
-    if (m_frontBuffer.displayListImageBuffer)
-        displayListHandle = static_cast<CGDisplayListImageBufferBackend&>(*m_frontBuffer.displayListImageBuffer->ensureBackendCreated()).createImageBufferBackendHandle();
+    if (m_frontBuffer.displayListImageBuffer) {
+        if (auto* backend = m_frontBuffer.displayListImageBuffer->ensureBackendCreated())
+            displayListHandle = static_cast<CGDisplayListImageBufferBackend&>(*backend).createImageBufferBackendHandle();
+    }
 
     encoder << displayListHandle;
 #endif
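
Review bot: The null path at `if (auto* backend = m_frontBuffer.displayListImageBuffer->ensureBackendCreated())` is untested, since the log message states that no new tests were added. Here `displayListHandle` stays empty and `encoder << displayListHandle` still runs, so a test that forces backend creation to fail and checks that an empty optional is encoded would lock in the no-crash behaviour.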

Modified: trunk/Source/WebKit/WebProcess/GPU/graphics/RemoteImageBufferProxy.h (287774 => 287775)


--- trunk/Source/WebKit/WebProcess/GPU/graphics/RemoteImageBufferProxy.h	2022-01-07 19:48:43 UTC (rev 287774)
+++ trunk/Source/WebKit/WebProcess/GPU/graphics/RemoteImageBufferProxy.h	2022-01-07 19:57:05 UTC (rev 287775)
@@ -75,8 +75,9 @@
 
     ImageBufferBackendHandle createImageBufferBackendHandle()
     {
-        ensureBackendCreated();
-        return m_backend->createImageBufferBackendHandle();
+        if (ensureBackendCreated())
+            return m_backend->createImageBufferBackendHandle();
+        return { };
     }
 
     WebCore::GraphicsContextFlushIdentifier lastSentFlushIdentifier() const { return m_sentFlushIdentifier; }
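
Review bot: `return { };` hands callers a default-constructed `ImageBufferBackendHandle` on failure, which they cannot tell apart from a real handle without inspecting its contents. The RemoteLayerBackingStore.mm hunk keeps `displayListHandle` as a `std::optional<ImageBufferBackendHandle>`; returning that type here, or documenting the empty value as the failure signal, would make the failure explicit. Also, the condition tests the return value of `ensureBackendCreated()` but then dereferences `m_backend`; using the returned pointer directly, as the .mm change does with `auto* backend`, avoids relying on the two staying in sync.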