Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(372)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: cc/trees/layer_tree_host_impl.cc

Issue 2349143003: cc: Avoid ResourceProvider nullptr deref (Closed)
Patch Set: not for review: fix crash Created 4 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« cc/trees/layer_tree_host_impl.h ('K') | « cc/trees/layer_tree_host_impl.h ('k') | cc/trees/layer_tree_host_unittest_context.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: cc/trees/layer_tree_host_impl.cc
diff --git a/cc/trees/layer_tree_host_impl.cc b/cc/trees/layer_tree_host_impl.cc
index f90ca3255bc2d07544e60e3a27bf0a75b6921c7c..b8c923e746d668400fc86fb9f3c51a5407fcefcf 100644
--- a/cc/trees/layer_tree_host_impl.cc
+++ b/cc/trees/layer_tree_host_impl.cc
@@ -240,6 +240,7 @@ LayerTreeHostImpl::LayerTreeHostImpl(
id_(id),
requires_high_res_to_draw_(false),
is_likely_to_require_a_draw_(false),
+ has_valid_compositor_frame_sink_(false),
mutator_(nullptr) {
DCHECK(animation_host_);
animation_host_->SetMutatorHostClient(this);
@@ -1925,6 +1926,7 @@ void LayerTreeHostImpl::SynchronouslyInitializeAllTiles() {
void LayerTreeHostImpl::DidLoseCompositorFrameSink() {
if (resource_provider_)
resource_provider_->DidLoseContextProvider();
+ has_valid_compositor_frame_sink_ = false;
client_->DidLoseCompositorFrameSinkOnImplThread();
}
@@ -2257,8 +2259,12 @@ void LayerTreeHostImpl::CleanUpTileManagerAndUIResources() {
void LayerTreeHostImpl::ReleaseCompositorFrameSink() {
TRACE_EVENT0("cc", "LayerTreeHostImpl::ReleaseCompositorFrameSink");
- if (!compositor_frame_sink_)
+ if (!compositor_frame_sink_) {
+ DCHECK(!has_valid_compositor_frame_sink_);
return;
+ }
+
+ has_valid_compositor_frame_sink_ = false;
// Since we will create a new resource provider, we cannot continue to use
// the old resources (i.e. render_surfaces and texture IDs). Clear them
@@ -2302,6 +2308,7 @@ bool LayerTreeHostImpl::InitializeRenderer(
return false;
}
+ has_valid_compositor_frame_sink_ = true;
danakj 2016/09/23 21:24:10 nit: put this right beside the assignment to compo
no sievers 2016/09/23 21:27:31 Done.
// When using software compositing, change to the limits specified for it.
// Since this is a one way trip, we don't need to worry about going back to
// GPU compositing.
@@ -3701,6 +3708,11 @@ void LayerTreeHostImpl::CreateUIResource(UIResourceId uid,
if (id)
DeleteUIResource(uid);
+ if (!has_valid_compositor_frame_sink_) {
+ evicted_ui_resources_.insert(uid);
+ return;
+ }
+
ResourceFormat format = resource_provider_->best_texture_format();
switch (bitmap.GetFormat()) {
case UIResourceBitmap::RGBA8:
@@ -3786,7 +3798,8 @@ void LayerTreeHostImpl::CreateUIResource(UIResourceId uid,
void LayerTreeHostImpl::DeleteUIResource(UIResourceId uid) {
ResourceId id = ResourceIdForUIResource(uid);
if (id) {
- resource_provider_->DeleteResource(id);
+ if (has_valid_compositor_frame_sink_)
+ resource_provider_->DeleteResource(id);
ui_resource_map_.erase(uid);
}
MarkUIResourceNotEvicted(uid);
« cc/trees/layer_tree_host_impl.h ('K') | « cc/trees/layer_tree_host_impl.h ('k') | cc/trees/layer_tree_host_unittest_context.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698