211160 – REGRESSION (r260407): Over-release of NSGraphicsContext in WebKit::convertPlatformImageToBitmap()

Bug 211160 - REGRESSION (r260407): Over-release of NSGraphicsContext in WebKit::convertPlatformImageToBitmap()

Summary: REGRESSION (r260407): Over-release of NSGraphicsContext in WebKit::convertPla...

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebKit2 (show other bugs)
Version:	Other
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	David Kilzer (:ddkilzer)

URL:
Keywords:	InRadar

Depends on:	208891
Blocks:
	Show dependency tree / graph

Reported:	2020-04-28 19:33 PDT by David Kilzer (:ddkilzer)
Modified:	2020-05-08 21:09 PDT (History)
CC List:	4 users (show)

See Also:	210814 211274 211660

Attachments
Patch v1 (1.83 KB, patch) 2020-04-28 19:34 PDT, David Kilzer (:ddkilzer)	darin: review+ ddkilzer: commit-queue-	Details \| Formatted Diff \| Diff
Patch for landing (1.79 KB, patch) 2020-04-28 20:01 PDT, David Kilzer (:ddkilzer)	no flags	Details \| Formatted Diff \| Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description David Kilzer (:ddkilzer) 2020-04-28 19:33:24 PDT

Over-release of NSGraphicsContext in WebKit::convertPlatformImageToBitmap().

Occurred in r260407 for Bug 208891:

    auto savedContext = adoptNS([NSGraphicsContext currentContext]);

Comment 1 David Kilzer (:ddkilzer) 2020-04-28 19:34:06 PDT

Created attachment 397917 [details]
Patch v1

Comment 2 David Kilzer (:ddkilzer) 2020-04-28 19:43:35 PDT

Comment on attachment 397917 [details]
Patch v1

View in context: https://bugs.webkit.org/attachment.cgi?id=397917&action=review

> Source/WebKit/UIProcess/Cocoa/WebPageProxyCocoa.mm:408
> -    auto savedContext = adoptNS([NSGraphicsContext currentContext]);
> +    RetainPtr<NSGraphicsContext> savedContext = [NSGraphicsContext currentContext];

Do we have an RAII object to save NSGraphicsContext.currentContext?  Seems like it might be useful.

Comment 3 David Kilzer (:ddkilzer) 2020-04-28 19:51:01 PDT

Comment on attachment 397917 [details]
Patch v1

View in context: https://bugs.webkit.org/attachment.cgi?id=397917&action=review

>> Source/WebKit/UIProcess/Cocoa/WebPageProxyCocoa.mm:408
>> +    RetainPtr<NSGraphicsContext> savedContext = [NSGraphicsContext currentContext];
> 
> Do we have an RAII object to save NSGraphicsContext.currentContext?  Seems like it might be useful.

Looks like we have this in WebCore, but it's all CG-based:

    ALLOW_DEPRECATED_DECLARATIONS_BEGIN
    CGContextRef cgContext = (CGContextRef)[[NSGraphicsContext currentContext] graphicsPort];
    ALLOW_DEPRECATED_DECLARATIONS_END

    CGContextStateSaver stateSaver(cgContext);

Via drawCellFocusRingWithFrameAtTime() in Source/WebCore/platform/mac/ThemeMac.mm.

Comment 4 Darin Adler 2020-04-28 19:54:11 PDT

Comment on attachment 397917 [details]
Patch v1

View in context: https://bugs.webkit.org/attachment.cgi?id=397917&action=review

>>> Source/WebKit/UIProcess/Cocoa/WebPageProxyCocoa.mm:408
>>> +    RetainPtr<NSGraphicsContext> savedContext = [NSGraphicsContext currentContext];
>> 
>> Do we have an RAII object to save NSGraphicsContext.currentContext?  Seems like it might be useful.
> 
> Looks like we have this in WebCore, but it's all CG-based:
> 
>     ALLOW_DEPRECATED_DECLARATIONS_BEGIN
>     CGContextRef cgContext = (CGContextRef)[[NSGraphicsContext currentContext] graphicsPort];
>     ALLOW_DEPRECATED_DECLARATIONS_END
> 
>     CGContextStateSaver stateSaver(cgContext);
> 
> Via drawCellFocusRingWithFrameAtTime() in Source/WebCore/platform/mac/ThemeMac.mm.

Instead of writing out RetainPtr, I suggest you just change the adoptNS() to retainPtr().

Comment 5 David Kilzer (:ddkilzer) 2020-04-28 19:57:48 PDT

Comment on attachment 397917 [details]
Patch v1

View in context: https://bugs.webkit.org/attachment.cgi?id=397917&action=review

>>>> Source/WebKit/UIProcess/Cocoa/WebPageProxyCocoa.mm:408
>>>> +    RetainPtr<NSGraphicsContext> savedContext = [NSGraphicsContext currentContext];
>>> 
>>> Do we have an RAII object to save NSGraphicsContext.currentContext?  Seems like it might be useful.
>> 
>> Looks like we have this in WebCore, but it's all CG-based:
>> 
>>     ALLOW_DEPRECATED_DECLARATIONS_BEGIN
>>     CGContextRef cgContext = (CGContextRef)[[NSGraphicsContext currentContext] graphicsPort];
>>     ALLOW_DEPRECATED_DECLARATIONS_END
>> 
>>     CGContextStateSaver stateSaver(cgContext);
>> 
>> Via drawCellFocusRingWithFrameAtTime() in Source/WebCore/platform/mac/ThemeMac.mm.
> 
> Instead of writing out RetainPtr, I suggest you just change the adoptNS() to retainPtr().

Thanks, I had forgotten about that helper.

Comment 6 David Kilzer (:ddkilzer) 2020-04-28 20:01:12 PDT

Created attachment 397918 [details]
Patch for landing

Comment 7 Tim Horton 2020-04-28 20:11:30 PDT

I think Darin might have been referring to LocalCurrentGraphicsContext?

Comment 8 David Kilzer (:ddkilzer) 2020-04-28 21:09:25 PDT

Comment on attachment 397918 [details]
Patch for landing

Setting cq+ with win bot orange as this code isn't used on Windows.

Comment 9 EWS 2020-04-28 21:26:17 PDT

Committed r260864: <https://trac.webkit.org/changeset/260864>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 397918 [details].

Comment 10 Radar WebKit Bug Importer 2020-04-28 21:27:15 PDT

<rdar://problem/62573162>

Comment 11 Darin Adler 2020-04-29 11:39:54 PDT

(In reply to Tim Horton from comment #7)
> I think Darin might have been referring to LocalCurrentGraphicsContext?

It does seem like LocalCurrentGraphicsContext would be usable here with a tiny bit of refactoring.