Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: f81876e4fa729dc843104242b0a84dbf2a044776
https://github.com/WebKit/WebKit/commit/f81876e4fa729dc843104242b0a84dbf2a044776
Author: Jon Butler <[email protected]>
Date: 2025-08-14 (Thu, 14 Aug 2025)
Changed paths:
M Source/WebCore/platform/graphics/displaylists/DisplayListRecorder.cpp
M Source/WebCore/platform/graphics/displaylists/DisplayListRecorder.h
M Source/WebCore/platform/graphics/displaylists/DisplayListRecorderImpl.cpp
M Source/WebKit/WebProcess/GPU/graphics/RemoteDisplayListRecorderProxy.cpp
Log Message:
-----------
Prevent DisplayListRecorder from emptying the state stack
https://bugs.webkit.org/show_bug.cgi?id=297324
rdar://158214509
Reviewed by Kimmo Kinnunen.
Adds checks to DisplayList Recorder to prevent it from completely emptying it's
state stack.
This prevents crashes in the Vector overflow handler in subsequent uses of
m_statestack.last().
* Source/WebCore/platform/graphics/displaylists/DisplayListRecorder.cpp:
(WebCore::DisplayList::Recorder::updateStateForRestore):
(WebCore::DisplayList::Recorder::updateStateForEndTransparencyLayer):
* Source/WebCore/platform/graphics/displaylists/DisplayListRecorder.h:
* Source/WebCore/platform/graphics/displaylists/DisplayListRecorderImpl.cpp:
(WebCore::DisplayList::RecorderImpl::endTransparencyLayer):
* Source/WebKit/WebProcess/GPU/graphics/RemoteDisplayListRecorderProxy.cpp:
(WebKit::RemoteDisplayListRecorderProxy::endTransparencyLayer):
Canonical link: https://commits.webkit.org/298678@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
