[webkit-changes] [WebKit/WebKit] c54dbe: Crash while running WebCore::SourceBufferPrivate::...

Jean-Yves Avenard noreply at github.com
Fri Nov 17 22:09:15 PST 2023


  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: c54dbe8ebd21d9268a73bb4e611bf9424d8172e7
      https://github.com/WebKit/WebKit/commit/c54dbe8ebd21d9268a73bb4e611bf9424d8172e7
  Author: Jean-Yves Avenard <jya at apple.com>
  Date:   2023-11-17 (Fri, 17 Nov 2023)

  Changed paths:
    M Source/WebCore/platform/graphics/SourceBufferPrivate.cpp
    M Source/WebCore/platform/graphics/SourceBufferPrivate.h

  Log Message:
  -----------
  Crash while running WebCore::SourceBufferPrivate::processMediaSamplesOperation
https://bugs.webkit.org/show_bug.cgi?id=265008
rdar://116953621

Reviewed by Youenn Fablet.

It was possible for either memoryPressure or removeCodedFrame to be run in the middle of a pending appendBuffer operation.
The move to NativePromise already eliminated most of the possibilities but removeCodedFrame operation wasn't queued to the pending
list of operations.
We now only process removeCodedFrame once we have fully completed any pending appendBuffer.
Also, we allow for the appendBuffer operation to be aborted in more places.

* Source/WebCore/platform/graphics/SourceBufferPrivate.cpp:
(WebCore::SourceBufferPrivate::removeCodedFrames):
(WebCore::SourceBufferPrivate::didReceiveInitializationSegment):
(WebCore::SourceBufferPrivate::append):
(WebCore::SourceBufferPrivate::processPendingMediaSamples):

Canonical link: https://commits.webkit.org/270929@main



