[webkit-changes] [WebKit/WebKit] e0c0c1: 2D context state flag for inverse transform is not...

Wed, 18 Jun 2025 07:07:56 -0700 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: e0c0c143f85c8f2bfd2b4e00d0c9aa944ab30902
      
https://github.com/WebKit/WebKit/commit/e0c0c143f85c8f2bfd2b4e00d0c9aa944ab30902
  Author: Kimmo Kinnunen <[email protected]>
  Date:   2025-06-18 (Wed, 18 Jun 2025)

  Changed paths:
    A LayoutTests/fast/canvas/canvas-state-non-invertible-ctm-expected.txt
    A LayoutTests/fast/canvas/canvas-state-non-invertible-ctm.html
    M Source/WebCore/html/canvas/CanvasRenderingContext2D.cpp
    M Source/WebCore/html/canvas/CanvasRenderingContext2DBase.cpp
    M Source/WebCore/html/canvas/CanvasRenderingContext2DBase.h

  Log Message:
  -----------
  2D context state flag for inverse transform is not maintained correctly
https://bugs.webkit.org/show_bug.cgi?id=294117
rdar://149686936

Reviewed by Said Abou-Hallawa.

293589@main would make CanvasRenderingContext2DBase::restore() use
    if (hasInvertibleTransform())
instead of:
    if (auto inverse = transform.inverse())

This would cause dereference of unengaged optional for the `inverse`,
because the operations could make the transform non-invertible
even though the operation parameters would not indicate so.
E.g. consider:
  canvas.transform(..., number1, ...);
  canvas.scale(1, bignumber2);

Some pairs of number1, bignumber2 could make the transform
non-invertible.

Fix by modifying the CanvasPath::m_hasInvertibleTransform and
modifiableState().transform only in one function, the added
CanvasRenderingContext2DBase::updateState. Use the actual
inversible state as the source of the m_hasInvertibleTransform.

* LayoutTests/fast/canvas/canvas-state-non-invertible-ctm-expected.txt: Added.
* LayoutTests/fast/canvas/canvas-state-non-invertible-ctm.html: Added.
* Source/WebCore/html/canvas/CanvasRenderingContext2D.cpp:
(WebCore::CanvasRenderingContext2D::drawFocusIfNeededInternal):
* Source/WebCore/html/canvas/CanvasRenderingContext2DBase.cpp:
(WebCore::CanvasRenderingContext2DBase::restore):
(WebCore::CanvasRenderingContext2DBase::scale):
(WebCore::CanvasRenderingContext2DBase::rotate):
(WebCore::CanvasRenderingContext2DBase::translate):
(WebCore::CanvasRenderingContext2DBase::transform):
(WebCore::CanvasRenderingContext2DBase::resetTransform):
(WebCore::CanvasRenderingContext2DBase::updateStateTransform):
* Source/WebCore/html/canvas/CanvasRenderingContext2DBase.h:

Canonical link: https://commits.webkit.org/296373@main



To unsubscribe from these emails, change your notification settings at 
https://github.com/WebKit/WebKit/settings/notifications
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to