123651 – Remote Layer Tree: Crashes allocating incredibly large backing store for tiled backing layers

Bug 123651 - Remote Layer Tree: Crashes allocating incredibly large backing store for tiled backing layers

Summary: Remote Layer Tree: Crashes allocating incredibly large backing store for tile...

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebKit2 (show other bugs)
Version:	528+ (Nightly build)
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Tim Horton

URL:
Keywords:

Depends on:
Blocks:

Reported:	2013-11-01 17:55 PDT by Tim Horton
Modified:	2013-11-01 19:21 PDT (History)
CC List:	3 users (show)

See Also:

Attachments
patch (2.09 KB, patch) 2013-11-01 17:56 PDT, Tim Horton	no flags	Details \| Formatted Diff \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Tim Horton 2013-11-01 17:55:05 PDT

It's easy to crash on IE Flying Images if you increase the number of images a bit.

Tiled backing layers shouldn't have backing store themselves! But they do, because of a silly mistake in http://trac.webkit.org/changeset/158417... we can't dirty the whole layer if we have no existing front buffer if we have no paints, because that will lead to layers which were never setNeedsDisplay()'d getting backing store. Added back an assertion that will catch this, too.

Probably we should strengthen the mechanism that causes never-setNeedsDisplay'd layers from getting backing store.

Comment 1 Tim Horton 2013-11-01 17:56:27 PDT

Created attachment 215788 [details]
patch

Comment 2 WebKit Commit Bot 2013-11-01 19:21:10 PDT

Comment on attachment 215788 [details]
patch

Clearing flags on attachment: 215788

Committed r158481: <http://trac.webkit.org/changeset/158481>

Comment 3 WebKit Commit Bot 2013-11-01 19:21:12 PDT

All reviewed patches have been landed.  Closing bug.