242788 – Don't nullify WebGLExtension::m_context on context loss.

RESOLVED FIXED 242788

Don't nullify WebGLExtension::m_context on context loss.

https://bugs.webkit.org/show_bug.cgi?id=242788

Summary Don't nullify WebGLExtension::m_context on context loss.

Dan Glastonbury

Reported 2022-07-14 21:36:58 PDT

WebGLExtension::loseParentContext() nulls m_context pointer. In the GPUP world, where any GL call can result in a context loss, this behaviour can lead to null pointer access at random places inside a WebGL extension object after the code has checked for a valid m_context pointer at function entry.

Attachments
Add attachment proposed patch, testcase, etc.

Dan Glastonbury

Comment 1 2022-07-14 21:37:40 PDT

rdar://95969241

Dan Glastonbury

Comment 2 2022-07-14 21:49:37 PDT

Pull request: https://github.com/WebKit/WebKit/pull/2442

EWS

Comment 3 2022-07-25 19:35:18 PDT

Committed 252810@main (554972c0f0a7): <https://commits.webkit.org/252810@main> Reviewed commits have been landed. Closing PR #2442 and removing active labels.

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Major

Classification Unclassified

Version WebKit Nightly Build

Hardware All

OS All

Product WebKit

Component WebGL

Assignee

Dan Glastonbury

Reported

2022-07-14 21:36 PDT

Modified

2022-07-25 19:35 PDT History

CC List

4 users Show

URL

Keywords InRadar

Depends on

Blocks