[webkit-changes] [WebKit/WebKit] 75beaa: Improve safety of accessing RemoteLayerTreeContext...
Commit Queue
noreply at github.com
Fri May 17 10:56:20 PDT 2024
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 75beaa7109a5c6fc3f5031f442c6839c4ac2d5d8
https://github.com/WebKit/WebKit/commit/75beaa7109a5c6fc3f5031f442c6839c4ac2d5d8
Author: Matthew Finkel <m_finkel at apple.com>
Date: 2024-05-17 (Fri, 17 May 2024)
Changed paths:
M Source/WebCore/platform/graphics/ca/PlatformCALayer.h
M Source/WebCore/platform/graphics/ca/PlatformCALayer.mm
M Source/WebKit/WebProcess/WebPage/RemoteLayerTree/GraphicsLayerCARemote.h
M Source/WebKit/WebProcess/WebPage/RemoteLayerTree/GraphicsLayerCARemote.mm
M Source/WebKit/WebProcess/WebPage/RemoteLayerTree/PlatformCALayerRemote.h
M Source/WebKit/WebProcess/WebPage/RemoteLayerTree/PlatformCALayerRemote.mm
M Source/WebKit/WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeContext.h
M Source/WebKit/WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeContext.mm
M Source/WebKit/WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeDrawingArea.h
M Source/WebKit/WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeDrawingArea.mm
Log Message:
-----------
Improve safety of accessing RemoteLayerTreeContext's LayerPool
https://bugs.webkit.org/show_bug.cgi?id=274188
rdar://127480646
Reviewed by Geoffrey Garen.
GraphicsLayerCARemote and PlatformCALayerRemote currently have raw pointers to
a RemoteLayerTreeContext. In some rare cases, we try to access the LayerPool
through the pointer after it was cleared, and this causes a crash.
This patch avoids the crash by changing the PlatformCALayer::layerPool
signature so it returns a pointer that we can null-check. And we replace the
RemoteLayerTreeContext raw pointers with WeakPtr for additional safety.
* Source/WebCore/platform/graphics/ca/PlatformCALayer.h:
* Source/WebCore/platform/graphics/ca/PlatformCALayer.mm:
(WebCore::PlatformCALayer::createCompatibleLayerOrTakeFromPool):
(WebCore::PlatformCALayer::moveToLayerPool):
(WebCore::PlatformCALayer::layerPool):
* Source/WebKit/WebProcess/WebPage/RemoteLayerTree/GraphicsLayerCARemote.h:
* Source/WebKit/WebProcess/WebPage/RemoteLayerTree/GraphicsLayerCARemote.mm:
(WebKit::GraphicsLayerCARemote::~GraphicsLayerCARemote):
(WebKit::GraphicsLayerCARemote::moveToContext):
(WebKit::GraphicsLayerCARemote::createAsyncContentsDisplayDelegate):
(WebKit::GraphicsLayerCARemote::layerMode const):
* Source/WebKit/WebProcess/WebPage/RemoteLayerTree/PlatformCALayerRemote.h:
(WebKit::PlatformCALayerRemote::context const):
(WebKit::PlatformCALayerRemote::clearContext): Deleted.
* Source/WebKit/WebProcess/WebPage/RemoteLayerTree/PlatformCALayerRemote.mm:
(WebKit::PlatformCALayerRemote::~PlatformCALayerRemote):
(WebKit::PlatformCALayerRemote::moveToContext):
(WebKit::PlatformCALayerRemote::shouldIncludeDisplayListInBackingStore const):
(WebKit::PlatformCALayerRemote::updateBackingStore):
(WebKit::PlatformCALayerRemote::copyContentsFromLayer):
(WebKit::PlatformCALayerRemote::addAnimationForKey):
(WebKit::PlatformCALayerRemote::layerPool):
* Source/WebKit/WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeContext.h:
(WebKit::RemoteLayerTreeContext::create):
* Source/WebKit/WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeContext.mm:
(WebKit::RemoteLayerTreeContext::~RemoteLayerTreeContext):
* Source/WebKit/WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeDrawingArea.h:
* Source/WebKit/WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeDrawingArea.mm:
(WebKit::RemoteLayerTreeDrawingArea::RemoteLayerTreeDrawingArea):
(WebKit::RemoteLayerTreeDrawingArea::graphicsLayerFactory):
(WebKit::RemoteLayerTreeDrawingArea::adoptLayersFromDrawingArea):
Canonical link: https://commits.webkit.org/278916@main
To unsubscribe from these emails, change your notification settings at https://github.com/WebKit/WebKit/settings/notifications
More information about the webkit-changes
mailing list