Title: [294958] trunk/Source
- Revision
- 294958
- Author
- commit-qu...@webkit.org
- Date
- 2022-05-27 15:10:00 -0700 (Fri, 27 May 2022)
Log Message
Crash under RemoteDisplayListRecorder::restore()
https://bugs.webkit.org/show_bug.cgi?id=240545
Reviewed by Simon Fraser.
* Source/WebKit/GPUProcess/graphics/RemoteImageBuffer.h:
(WebKit::RemoteImageBuffer::~RemoteImageBuffer):
Avoid restoring the GraphicsContext stack for volatile
ImageBuffers. The buffers do not have a graphics context.
* Source/WebCore/platform/graphics/ConcreteImageBuffer.h:
Add an assertion to check that volatile image buffers
do not try to access their context.
Canonical link: https://commits.webkit.org/251061@main
Modified Paths
Diff
Modified: trunk/Source/WebCore/platform/graphics/ConcreteImageBuffer.h (294957 => 294958)
--- trunk/Source/WebCore/platform/graphics/ConcreteImageBuffer.h 2022-05-27 22:05:13 UTC (rev 294957)
+++ trunk/Source/WebCore/platform/graphics/ConcreteImageBuffer.h 2022-05-27 22:10:00 UTC (rev 294958)
@@ -89,6 +89,7 @@
GraphicsContext& context() const override
{
ASSERT(m_backend);
+ ASSERT(volatilityState() == VolatilityState::NonVolatile);
return m_backend->context();
}
Modified: trunk/Source/WebKit/GPUProcess/graphics/RemoteImageBuffer.h (294957 => 294958)
--- trunk/Source/WebKit/GPUProcess/graphics/RemoteImageBuffer.h 2022-05-27 22:05:13 UTC (rev 294957)
+++ trunk/Source/WebKit/GPUProcess/graphics/RemoteImageBuffer.h 2022-05-27 22:10:00 UTC (rev 294958)
@@ -61,6 +61,9 @@
~RemoteImageBuffer()
{
+ // Volatile image buffers do not have contexts.
+ if (this->volatilityState() == WebCore::VolatilityState::Volatile)
+ return;
// Unwind the context's state stack before destruction, since calls to restore may not have
// been flushed yet, or the web process may have terminated.
while (context().stackSize())
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
