RESOLVED FIXED 226917
AcceleratedImageBuffer not instantiated but objects are punned to the type 
https://bugs.webkit.org/show_bug.cgi?id=226917
Summary AcceleratedImageBuffer not instantiated but objects are punned to the type
Kimmo Kinnunen
Reported 2021-06-11 05:38:00 PDT
AcceleratedImageBuffer is never instantiated and not instantiable. Objects are being punned as AcceleratedImageBuffer even though it's not possible to be correct. The AcceleratedImageBuffer::create is not returning what the callers think it is returning.
Attachments
Patch (17.30 KB, patch)
2021-06-11 05:55 PDT, Kimmo Kinnunen 		no flags
DetailsFormatted DiffDiff
Patch (18.14 KB, patch)
2021-06-11 06:06 PDT, Kimmo Kinnunen 		no flags
DetailsFormatted DiffDiff
Patch (17.93 KB, patch)
2021-06-11 06:16 PDT, Kimmo Kinnunen 		no flags
DetailsFormatted DiffDiff
Patch (19.75 KB, patch)
2021-06-11 06:18 PDT, Kimmo Kinnunen 		ews-feeder: commit-queue-
DetailsFormatted DiffDiff
Patch (17.74 KB, patch)
2021-06-11 06:22 PDT, Kimmo Kinnunen 		no flags
DetailsFormatted DiffDiff
Patch (17.26 KB, patch)
2021-06-14 02:05 PDT, Kimmo Kinnunen 		no flags
DetailsFormatted DiffDiff
Patch for landing (18.35 KB, patch)
2021-06-14 02:09 PDT, Kimmo Kinnunen 		no flags
DetailsFormatted DiffDiff
Show Obsolete (6) View All Add attachment proposed patch, testcase, etc.
Kimmo Kinnunen
Comment 1 2021-06-11 05:55:18 PDT
Created attachment 431188 [details] Patch
Kimmo Kinnunen
Comment 2 2021-06-11 06:06:33 PDT
Created attachment 431189 [details] Patch
Kimmo Kinnunen
Comment 3 2021-06-11 06:16:47 PDT
Created attachment 431190 [details] Patch
Kimmo Kinnunen
Comment 4 2021-06-11 06:18:13 PDT
Created attachment 431191 [details] Patch
Kimmo Kinnunen
Comment 5 2021-06-11 06:22:06 PDT
Created attachment 431192 [details] Patch
Said Abou-Hallawa
Comment 6 2021-06-11 11:48:59 PDT
Comment on attachment 431192 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=431192&action=review > Source/WebCore/platform/graphics/PlatformImageBuffer.h:45 > +namespace Detail { I am not sure I agree with this change especially there are similar definitions in PlatformImageBufferShareableBackend.h. Can we move this change to a operate patch since it is unrelated to what you are trying to fix? > Source/WebCore/platform/graphics/PlatformImageBuffer.h:82 > + IOSurfaceImageBuffer(const WebCore::ImageBufferBackend::Parameters& parameters, std::unique_ptr<ImageBufferIOSurfaceBackend>&& backend) > + : Base(parameters, WTFMove(backend)) > + { > + } This constructor can be replaced by: using Base::Base; > Source/WebCore/platform/graphics/cg/ImageBufferCGBitmapBackend.h:40 > + WEBCORE_EXPORT static IntSize calculateSafeBackendSize(const Parameters&); > + WEBCORE_EXPORT static size_t calculateMemoryCost(const Parameters&); Why do we need to export these functions? I guess this is because the new api test calls ConcreteImageBuffer::create()? > Source/WebCore/platform/graphics/coreimage/FilterEffectRendererCoreImage.mm:280 > + auto outputImageBuffer = IOSurfaceImageBuffer::create(clampedSize, lastEffect.filter().filterScale(), lastEffect.resultColorSpace(), PixelFormat::BGRA8); What is the point of using this local variable and then moving it to the member m_outputImageBuffer? Is this because m_outputImageBuffer defined to be RefPtr<ImageBuffer> and you want to avoid casting? RefPtr<ImageBuffer> m_outputImageBuffer; I think it is better to change it to be RefPtr<AcceleratedImageBuffer> or even better RefPtr<IOSurfaceImageBuffer>.
Kimmo Kinnunen
Comment 7 2021-06-14 02:05:09 PDT
Created attachment 431306 [details] Patch
Kimmo Kinnunen
Comment 8 2021-06-14 02:09:27 PDT
Created attachment 431307 [details] Patch for landing
Kimmo Kinnunen
Comment 9 2021-06-14 03:17:32 PDT
(In reply to Said Abou-Hallawa from comment #6) > > Source/WebCore/platform/graphics/coreimage/FilterEffectRendererCoreImage.mm:280 > > + auto outputImageBuffer = IOSurfaceImageBuffer::create(clampedSize, lastEffect.filter().filterScale(), lastEffect.resultColorSpace(), PixelFormat::BGRA8); > > What is the point of using this local variable and then moving it to the > member m_outputImageBuffer? 1) The principle of members should not be assigned unless the function succeeds 2) The principle of big allocations should not be done before clearing up old allocations, in cases where the allocating function destroys the existing state in success and error case Moved these to bug 226962
EWS
Comment 10 2021-06-14 10:27:54 PDT
Committed r278832 (238783@main): <https://commits.webkit.org/238783@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 431307 [details].
Radar WebKit Bug Importer
Comment 11 2021-06-14 10:28:27 PDT
<rdar://problem/79295676>
Note You need to log in before you can comment on or make changes to this bug.