Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 07dade918043f99fb9ff8d13cbba3414b85a054d
https://github.com/WebKit/WebKit/commit/07dade918043f99fb9ff8d13cbba3414b85a054d
Author: Mike Wyrzykowski <[email protected]>
Date: 2025-04-14 (Mon, 14 Apr 2025)
Changed paths:
A LayoutTests/fast/webgpu/nocrash/fuzz-291545-expected.txt
A LayoutTests/fast/webgpu/nocrash/fuzz-291545.html
M Source/WebGPU/WebGPU/CommandEncoder.mm
Log Message:
-----------
[WebGPU] nullptr crash in index buffer validation
https://bugs.webkit.org/show_bug.cgi?id=291545
rdar://149246187
Reviewed by Cameron McCormack.
293608@main moved a RefPtr to a function callback inside a for-loop,
so upon the second iteration of the loop the RefPtr was nullptr and we
crashed with a nullptr access.
Address this by looking up the buffer in the for loop.
* LayoutTests/fast/webgpu/nocrash/fuzz-291545-expected.txt: Added.
* LayoutTests/fast/webgpu/nocrash/fuzz-291545.html: Added.
Add regression test.
* Source/WebGPU/WebGPU/CommandEncoder.mm:
(WebGPU::CommandEncoder::CommandEncoder):
Canonical link: https://commits.webkit.org/293702@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
