| Index: content/browser/renderer_host/render_message_filter.cc
|
| diff --git a/content/browser/renderer_host/render_message_filter.cc b/content/browser/renderer_host/render_message_filter.cc
|
| index c5eed716df1c3f21b0a0f300e9f6a7a846406f5f..3c123da5d130583d9c9f1cbfa1fbf6bd158367fe 100644
|
| --- a/content/browser/renderer_host/render_message_filter.cc
|
| +++ b/content/browser/renderer_host/render_message_filter.cc
|
| @@ -10,6 +10,7 @@
|
| #include "base/bind_helpers.h"
|
| #include "base/command_line.h"
|
| #include "base/debug/alias.h"
|
| +#include "base/numerics/safe_math.h"
|
| #include "base/strings/sys_string_conversions.h"
|
| #include "base/strings/utf_string_conversions.h"
|
| #include "base/threading/thread.h"
|
| @@ -1259,8 +1260,17 @@ void RenderMessageFilter::OnAllocateGpuMemoryBuffer(
|
| handle->type = gfx::EMPTY_BUFFER;
|
| return;
|
| }
|
| + base::CheckedNumeric<int> size = width;
|
| + size *= height;
|
| + if (!size.IsValid()) {
|
| + handle->type = gfx::EMPTY_BUFFER;
|
| + return;
|
| + }
|
|
|
| #if defined(OS_MACOSX)
|
| + // TODO(reveman): This should be moved to
|
| + // GpuMemoryBufferImpl::AllocateForChildProcess and
|
| + // GpuMemoryBufferImplIOSurface. crbug.com/325045, crbug.com/323304
|
| if (GpuMemoryBufferImplIOSurface::IsFormatSupported(internalformat)) {
|
| IOSurfaceSupport* io_surface_support = IOSurfaceSupport::Initialize();
|
| if (io_surface_support) {
|
| @@ -1306,6 +1316,10 @@ void RenderMessageFilter::OnAllocateGpuMemoryBuffer(
|
| #endif
|
|
|
| #if defined(OS_ANDROID)
|
| + // TODO(reveman): This should be moved to
|
| + // GpuMemoryBufferImpl::AllocateForChildProcess and
|
| + // GpuMemoryBufferImplSurfaceTexture when adding support for out-of-process
|
| + // GPU service. crbug.com/368716
|
| if (GpuMemoryBufferImplSurfaceTexture::IsFormatSupported(internalformat)) {
|
| // Each surface texture is associated with a render process id. This allows
|
| // the GPU service and Java Binder IPC to verify that a renderer is not
|
| @@ -1321,24 +1335,8 @@ void RenderMessageFilter::OnAllocateGpuMemoryBuffer(
|
| }
|
| #endif
|
|
|
| - uint64 stride = static_cast<uint64>(width) *
|
| - GpuMemoryBufferImpl::BytesPerPixel(internalformat);
|
| - if (stride > std::numeric_limits<uint32>::max()) {
|
| - handle->type = gfx::EMPTY_BUFFER;
|
| - return;
|
| - }
|
| -
|
| - uint64 buffer_size = stride * static_cast<uint64>(height);
|
| - if (buffer_size > std::numeric_limits<size_t>::max()) {
|
| - handle->type = gfx::EMPTY_BUFFER;
|
| - return;
|
| - }
|
| -
|
| - // Fallback to fake GpuMemoryBuffer that is backed by shared memory and
|
| - // requires an upload before it can be used as a texture.
|
| - handle->type = gfx::SHARED_MEMORY_BUFFER;
|
| - ChildProcessHostImpl::AllocateSharedMemory(
|
| - static_cast<size_t>(buffer_size), PeerHandle(), &handle->handle);
|
| + GpuMemoryBufferImpl::AllocateForChildProcess(
|
| + gfx::Size(width, height), internalformat, PeerHandle(), handle);
|
| }
|
|
|
| } // namespace content
|
|
|
Chromium Code Reviews
Issue 263553009:
content: Cleanup GpuMemoryBuffer allocation. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src