[webkit-changes] [291771] trunk/Source/WebCore

[said]

Title: [291771] trunk/Source/WebCore

Revision

291771

Author

s...@apple.com

Date

2022-03-23 15:50:35 -0700 (Wed, 23 Mar 2022)

Log Message

[GPU Process] Ensure DisplayList::Recorder and its base class are initialized with the same GraphicsContextState
https://bugs.webkit.org/show_bug.cgi?id=238278
rdar://84602660

Reviewed by Simon Fraser.

DisplayList::RecorderImpl passes the initial GraphicsContextState to its
base class DisplayList::Recorder which pushes it on its stack. But
DisplayList::Recorder does not pass this initial GraphicsContextState to
its base class which is GraphicsContext. So DisplayList::Recorder ends up
having the initial state but the GraphicsContext ends up having the default
state.

DisplayList::Recorder::drawGlyphs() calls DrawGlyphsRecorder::drawGlyphs()
which stores the original fillBrush, strokeBrush and dropShadow. It uses
these original values to restore the owner GraphicsContext when it finishes.
The problem is DrawGlyphsRecorder::drawGlyphs() stores the values in the
state of the GraphicsContext which are the default. So in some cases we
may restore the default state to the drawing GraphicsContext.

* platform/graphics/GraphicsContext.cpp:
(WebCore::GraphicsContext::GraphicsContext):
* platform/graphics/GraphicsContext.h:
* platform/graphics/displaylists/DisplayListRecorder.cpp:
(WebCore::DisplayList::Recorder::Recorder):

Modified Paths

• trunk/Source/WebCore/ChangeLog
• trunk/Source/WebCore/platform/graphics/GraphicsContext.cpp
• trunk/Source/WebCore/platform/graphics/GraphicsContext.h
• trunk/Source/WebCore/platform/graphics/displaylists/DisplayListRecorder.cpp

Diff

Modified: trunk/Source/WebCore/ChangeLog (291770 => 291771)

--- trunk/Source/WebCore/ChangeLog	2022-03-23 22:07:06 UTC (rev 291770)
+++ trunk/Source/WebCore/ChangeLog	2022-03-23 22:50:35 UTC (rev 291771)
@@ -1,3 +1,31 @@
+2022-03-23  Said Abou-Hallawa  <s...@apple.com>
+
+        [GPU Process] Ensure DisplayList::Recorder and its base class are initialized with the same GraphicsContextState
+        https://bugs.webkit.org/show_bug.cgi?id=238278
+        rdar://84602660
+
+        Reviewed by Simon Fraser.
+
+        DisplayList::RecorderImpl passes the initial GraphicsContextState to its
+        base class DisplayList::Recorder which pushes it on its stack. But 
+        DisplayList::Recorder does not pass this initial GraphicsContextState to
+        its base class which is GraphicsContext. So DisplayList::Recorder ends up
+        having the initial state but the GraphicsContext ends up having the default
+        state.
+
+        DisplayList::Recorder::drawGlyphs() calls DrawGlyphsRecorder::drawGlyphs()
+        which stores the original fillBrush, strokeBrush and dropShadow. It uses
+        these original values to restore the owner GraphicsContext when it finishes.
+        The problem is DrawGlyphsRecorder::drawGlyphs() stores the values in the
+        state of the GraphicsContext which are the default. So in some cases we
+        may restore the default state to the drawing GraphicsContext.
+
+        * platform/graphics/GraphicsContext.cpp:
+        (WebCore::GraphicsContext::GraphicsContext):
+        * platform/graphics/GraphicsContext.h:
+        * platform/graphics/displaylists/DisplayListRecorder.cpp:
+        (WebCore::DisplayList::Recorder::Recorder):
+
 2022-03-23  Andres Gonzalez  <andresg...@apple.com>
 
         ITM: Lazy caching of HelpText property that results in a call to textUnderElement().

Modified: trunk/Source/WebCore/platform/graphics/GraphicsContext.cpp (291770 => 291771)

--- trunk/Source/WebCore/platform/graphics/GraphicsContext.cpp	2022-03-23 22:07:06 UTC (rev 291770)
+++ trunk/Source/WebCore/platform/graphics/GraphicsContext.cpp	2022-03-23 22:50:35 UTC (rev 291771)
@@ -48,6 +48,11 @@
 {
 }
 
+GraphicsContext::GraphicsContext(const GraphicsContextState& state)
+    : m_state(state)
+{
+}
+
 GraphicsContext::~GraphicsContext()
 {
     ASSERT(m_stack.isEmpty());

Modified: trunk/Source/WebCore/platform/graphics/GraphicsContext.h (291770 => 291771)

--- trunk/Source/WebCore/platform/graphics/GraphicsContext.h	2022-03-23 22:07:06 UTC (rev 291770)
+++ trunk/Source/WebCore/platform/graphics/GraphicsContext.h	2022-03-23 22:50:35 UTC (rev 291771)
@@ -66,6 +66,7 @@
     WTF_MAKE_NONCOPYABLE(GraphicsContext); WTF_MAKE_FAST_ALLOCATED;
 public:
     WEBCORE_EXPORT GraphicsContext(const GraphicsContextState::ChangeFlags& = { }, InterpolationQuality = InterpolationQuality::Default);
+    WEBCORE_EXPORT GraphicsContext(const GraphicsContextState&);
     WEBCORE_EXPORT virtual ~GraphicsContext();
 
     virtual bool hasPlatformContext() const { return false; }

Modified: trunk/Source/WebCore/platform/graphics/displaylists/DisplayListRecorder.cpp (291770 => 291771)

--- trunk/Source/WebCore/platform/graphics/displaylists/DisplayListRecorder.cpp	2022-03-23 22:07:06 UTC (rev 291770)
+++ trunk/Source/WebCore/platform/graphics/displaylists/DisplayListRecorder.cpp	2022-03-23 22:50:35 UTC (rev 291771)
@@ -43,7 +43,8 @@
 namespace DisplayList {
 
 Recorder::Recorder(const GraphicsContextState& state, const FloatRect& initialClip, const AffineTransform& initialCTM, DrawGlyphsRecorder::DeconstructDrawGlyphs deconstructDrawGlyphs)
-    : m_drawGlyphsRecorder(*this, deconstructDrawGlyphs)
+    : GraphicsContext(state)
+    , m_drawGlyphsRecorder(*this, deconstructDrawGlyphs)
 {
     m_stateStack.append({ state, initialCTM, initialCTM.mapRect(initialClip) });
 }

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes