[Webkit-unassigned] [Bug 235284] New: REGRESSION (r249823): gl::Context::onProgramLink() leaks gl::Framebuffer object due early return when an error occurs in ANGLE_TRY() macro

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Sun Jan 16 14:33:20 PST 2022


https://bugs.webkit.org/show_bug.cgi?id=235284

            Bug ID: 235284
           Summary: REGRESSION (r249823): gl::Context::onProgramLink()
                    leaks gl::Framebuffer object due early return when an
                    error occurs in ANGLE_TRY() macro
           Product: WebKit
           Version: Other
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: ANGLE
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: ddkilzer at webkit.org
                CC: dino at apple.com, kbr at google.com, kkinnunen at apple.com,
                    kpiddington at apple.com
        Depends on: 201156

gl::Context::onProgramLink() leaks gl::Framebuffer object due to early return when an error occurs in ANGLE_TRY() macro.

The ANGLE_TRY() after `newDefaultFramebuffer` is set can return early, thus leaking the gl::Framebuffer objects created in the previous if/else blocks:

    if (drawSurface != nullptr)
    {
        ANGLE_TRY(drawSurface->makeCurrent(this));
        newDefaultFramebuffer = drawSurface->createDefaultFramebuffer(this, readSurface);
    }
    else
    {
        newDefaultFramebuffer = new Framebuffer(this, mImplementation.get(), readSurface);
    }
    ASSERT(newDefaultFramebuffer);

    if (readSurface && (drawSurface != readSurface))
    {
        ANGLE_TRY(readSurface->makeCurrent(this));  // Leak of gl::Framebuffer on early return.
    }

Found by clang static analyzer.

Regressed with this commit:

    Update ANGLE
    <https://bugs.webkit.org/show_bug.cgi?id=201156>
    <rdar://problem/55288132>
    <https://commits.webkit.org/r249823>


Referenced Bugs:

https://bugs.webkit.org/show_bug.cgi?id=201156
[Bug 201156] Update ANGLE
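
The leak pattern from the report, reduced to a self-contained program and shown beside an owning-pointer variant. This is an added example, not ANGLE or WebKit code and not the fix that landed for this bug: `TRY`, `Result`, `Surface`, `Framebuffer`, `bindLeaky`, `bindOwned` and `leakedAfterFailure` are simplified, hypothetical stand-ins.

```cpp
#include <cstdio>
#include <memory>

// Hypothetical stand-ins for the ANGLE result type and ANGLE_TRY(); not ANGLE's definitions.
enum class Result { Continue, Stop };
#define TRY(expr) do { if ((expr) == Result::Stop) return Result::Stop; } while (0)

struct Framebuffer {              // counts live instances so a leak is observable
    static int live;
    Framebuffer() { ++live; }
    ~Framebuffer() { --live; }
};
int Framebuffer::live = 0;

struct Surface {                  // constructed test double: makeCurrent() fails on demand
    bool fail;
    Result makeCurrent() const { return fail ? Result::Stop : Result::Continue; }
};

// Same shape as the reported code: raw owning pointer, then a TRY that may return.
Result bindLeaky(const Surface *readSurface, Framebuffer **out) {
    Framebuffer *fb = new Framebuffer();
    if (readSurface) {
        TRY(readSurface->makeCurrent());   // early return: fb is never deleted
    }
    *out = fb;
    return Result::Continue;
}

// Ownership stays in a unique_ptr until every fallible step has succeeded.
Result bindOwned(const Surface *readSurface, std::unique_ptr<Framebuffer> *out) {
    std::unique_ptr<Framebuffer> fb(new Framebuffer());
    if (readSurface) {
        TRY(readSurface->makeCurrent());   // early return: fb's destructor runs
    }
    *out = std::move(fb);
    return Result::Continue;
}

// Number of Framebuffer objects left alive after a call whose makeCurrent() fails.
int leakedAfterFailure(bool useOwned) {
    Surface bad{true};
    int before = Framebuffer::live;
    if (useOwned) { std::unique_ptr<Framebuffer> fb; bindOwned(&bad, &fb); }
    else          { Framebuffer *fb = nullptr;       bindLeaky(&bad, &fb); }
    return Framebuffer::live - before;
}

int main() {
    std::printf("leaky: %d, owned: %d\n", leakedAfterFailure(false), leakedAfterFailure(true));
}
```

Any macro that hides a `return` has this effect on raw owning pointers declared above it, which is why static analyzers flag the path.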