cc/trees/layer_tree_host_impl.cc - Issue 2349143003: cc: Avoid ResourceProvider nullptr deref

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: cc/trees/layer_tree_host_impl.cc

Issue 2349143003: cc: Avoid ResourceProvider nullptr deref (Closed)

Patch Set: not for review: fix crash Created 4 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: cc/trees/layer_tree_host_impl.cc

diff --git a/cc/trees/layer_tree_host_impl.cc b/cc/trees/layer_tree_host_impl.cc

index f90ca3255bc2d07544e60e3a27bf0a75b6921c7c..87c9ea6180a6f73d0b663124cc80f4198ed7d5b9 100644

--- a/cc/trees/layer_tree_host_impl.cc

+++ b/cc/trees/layer_tree_host_impl.cc

@@ -240,6 +240,7 @@ LayerTreeHostImpl::LayerTreeHostImpl(

id_(id),

requires_high_res_to_draw_(false),

is_likely_to_require_a_draw_(false),

+ has_valid_compositor_frame_sink_(false),

mutator_(nullptr) {

DCHECK(animation_host_);

animation_host_->SetMutatorHostClient(this);

@@ -1925,6 +1926,7 @@ void LayerTreeHostImpl::SynchronouslyInitializeAllTiles() {

void LayerTreeHostImpl::DidLoseCompositorFrameSink() {

if (resource_provider_)

resource_provider_->DidLoseContextProvider();

+ has_valid_compositor_frame_sink_ = false;

client_->DidLoseCompositorFrameSinkOnImplThread();

}

@@ -2257,8 +2259,12 @@ void LayerTreeHostImpl::CleanUpTileManagerAndUIResources() {

void LayerTreeHostImpl::ReleaseCompositorFrameSink() {

TRACE_EVENT0("cc", "LayerTreeHostImpl::ReleaseCompositorFrameSink");

- if (!compositor_frame_sink_)

+ if (!compositor_frame_sink_) {

+ DCHECK(!has_valid_compositor_frame_sink_);

return;

+ }

+ has_valid_compositor_frame_sink_ = false;

// Since we will create a new resource provider, we cannot continue to use

// the old resources (i.e. render_surfaces and texture IDs). Clear them

@@ -2309,6 +2315,7 @@ bool LayerTreeHostImpl::InitializeRenderer(

SetMemoryPolicy(settings_.software_memory_policy);

compositor_frame_sink_ = compositor_frame_sink;

+ has_valid_compositor_frame_sink_ = true;

resource_provider_ = base::MakeUnique<ResourceProvider>(

compositor_frame_sink_->context_provider(), shared_bitmap_manager_,

gpu_memory_buffer_manager_,

@@ -3701,6 +3708,11 @@ void LayerTreeHostImpl::CreateUIResource(UIResourceId uid,

if (id)

DeleteUIResource(uid);

+ if (!has_valid_compositor_frame_sink_) {

+ evicted_ui_resources_.insert(uid);

+ return;

+ }

ResourceFormat format = resource_provider_->best_texture_format();

switch (bitmap.GetFormat()) {

case UIResourceBitmap::RGBA8:

@@ -3786,7 +3798,8 @@ void LayerTreeHostImpl::CreateUIResource(UIResourceId uid,

void LayerTreeHostImpl::DeleteUIResource(UIResourceId uid) {

ResourceId id = ResourceIdForUIResource(uid);

if (id) {

- resource_provider_->DeleteResource(id);

+ if (has_valid_compositor_frame_sink_)

+ resource_provider_->DeleteResource(id);

ui_resource_map_.erase(uid);

}

MarkUIResourceNotEvicted(uid);

« no previous file with comments | « cc/trees/layer_tree_host_impl.h ('k') | cc/trees/layer_tree_host_unittest_context.cc » ('j') | no next file with comments »