Bug 285739

Summary: [GTK] Image surface leak in AcceleratedBackingStoreDMABuf::BufferSHM::didUpdateContents
Product: WebKit Reporter: DunyaKokoschka
Component: WebKitGTKAssignee: Michael Catanzaro <mcatanzaro>
Status: RESOLVED FIXED    
Severity: Normal CC: bugs-noreply, mcatanzaro
Priority: P2    
Version: Other   
Hardware: PC   
OS: Linux   

DunyaKokoschka
Reported 2025-01-10 03:10:56 PST
In AcceleratedBackingStoreDMABuf::BufferSHM::didUpdateContents (https://github.com/WebKit/WebKit/blob/main/Source/WebKit/UIProcess/gtk/AcceleratedBackingStoreDMABuf.cpp#L592) there is a call to `cairo_image_surface_create_for_data` and the return value is directly assigned to a `RefPtr<cairo_surface_t>` without being passed through `adoptRef`. This causes a memory leak. ``` void AcceleratedBackingStoreDMABuf::BufferSHM::didUpdateContents(Buffer*, const WebCore::Region&) { #if USE(CAIRO) m_surface = m_bitmap->createCairoSurface(); #elif USE(SKIA) m_surface = adoptRef(cairo_image_surface_create_for_data(m_bitmap->mutableSpan().data(), CAIRO_FORMAT_ARGB32, m_size.width(), m_size.height(), m_bitmap->bytesPerRow())); m_bitmap->ref(); static cairo_user_data_key_t s_surfaceDataKey; cairo_surface_set_user_data(m_surface.get(), &s_surfaceDataKey, m_bitmap.get(), [](void* userData) { static_cast<WebCore::ShareableBitmap*>(userData)->deref(); }); #endif cairo_surface_set_device_scale(m_surface.get(), deviceScaleFactor(), deviceScaleFactor()); } ```
Attachments
Add attachment proposed patch, testcase, etc.
Michael Catanzaro
Comment 1 2025-01-10 07:34:34 PST
Thanks for reporting this.
Michael Catanzaro
Comment 2 2025-01-10 07:35:33 PST
Pull request: https://github.com/WebKit/WebKit/pull/38843
EWS
Comment 3 2025-01-10 09:46:49 PST
Committed 288715@main (697eaa0ed00e): <https://commits.webkit.org/288715@main> Reviewed commits have been landed. Closing PR #38843 and removing active labels.
Note You need to log in before you can comment on or make changes to this bug.